us.norton.com Open in urlscan Pro
2a02:26f0:2c:2bc::1015 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://us.norton.com/blog/emerging-threats/norton-email-scams
Effective URL:
https://us.norton.com/blog/emerging-threats/norton-email-scams
Submission: On October 31 via manual (October 31st 2023, 9:12:07 pm UTC) from US — Scanned from DE

Summary HTTP 264 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 80 IPs in 7 countries across 60 domains to perform 264 HTTP transactions. The main IP is 2a02:26f0:2c:2bc::1015, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is us.norton.com. The Cisco Umbrella rank of the primary domain is 16279.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 27th 2023. Valid for: 7 months.

This is the only time us.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:2c:... 2a02:26f0:2c:29d::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
48	2a02:26f0:2c:... 2a02:26f0:2c:2bc::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:310... 2a02:26f0:3100:787::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	3.124.119.57 3.124.119.57	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.17.159.98 52.17.159.98	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88f::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.249.73.231 34.249.73.231	16509 (AMAZON-02) (AMAZON-02)
1 1	3.248.147.241 3.248.147.241	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.152 66.235.152.152	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:2c:... 2a02:26f0:2c:28c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.140.62.108 63.140.62.108	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:a800:1:996f:a9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2.18.97.54 2.18.97.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:780... 2a02:26f0:780::210:a441	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	3.162.38.245 3.162.38.245	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:15::213:7e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
5	2.19.120.33 2.19.120.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:269... 2600:9000:269a:5200:12:1bcc:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:884::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.10.82.74 52.10.82.74	16509 (AMAZON-02) (AMAZON-02)
1	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.249.9.8 13.249.9.8	16509 (AMAZON-02) (AMAZON-02)
1	34.254.6.250 34.254.6.250	16509 (AMAZON-02) (AMAZON-02)
1	35.85.73.196 35.85.73.196	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
2 3	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1 2	54.163.224.65 54.163.224.65	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	23.196.247.136 23.196.247.136	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.30.155.104 52.30.155.104	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.45.37.98 52.45.37.98	14618 (AMAZON-AES) (AMAZON-AES)
1	52.33.252.192 52.33.252.192	16509 (AMAZON-02) (AMAZON-02)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.244.140.93 18.244.140.93	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
34	52.13.223.29 52.13.223.29	16509 (AMAZON-02) (AMAZON-02)
1	54.171.111.121 54.171.111.121	16509 (AMAZON-02) (AMAZON-02)
1	2.19.11.8 2.19.11.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	52.200.32.109 52.200.32.109	14618 (AMAZON-AES) (AMAZON-AES)
1	34.95.120.72 34.95.120.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.206.216 34.102.206.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.44.52 34.149.44.52	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100:795::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.30.96.65 34.30.96.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:5... 2600:1901:0:56e0::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.66.3.160 34.66.3.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
264	80

1 2a02:26f0:2c:29d::1015 (Düsseldorf, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

us.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a02:26f0:2c:2bc::1015 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

us.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:787::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com

ensighten.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.159.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-159-98.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88f::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.73.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-73-231.eu-west-1.compute.amazonaws.com

symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.147.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-152.data.adobedc.net

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2c:28c::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-108.data.adobedc.net

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a800:1:996f:a9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spider.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bite.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.97.54 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-54.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a441 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-245.cdg52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.120.33 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-33.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269a:5200:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.knotch-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:884::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.82.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-82-74.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.9.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-8.cdg53.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.6.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-6-250.eu-west-1.compute.amazonaws.com

enable-eg-ot.egainonetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.73.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-73-196.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (Overland Park, United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.224.65 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-224-65.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.247.136 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-247-136.deploy.static.akamaitechnologies.com

buy.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.155.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-104.eu-west-1.compute.amazonaws.com

norton.ow5a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

8136487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.37.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-37-98.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.252.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-252-192.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.140.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-93.lhr50.r.cloudfront.net

configs.knotch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 52.13.223.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-223-29.us-west-2.compute.amazonaws.com

support-digital.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.111.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-111-121.eu-west-1.compute.amazonaws.com

analytics.analytics-egain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.11.8 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-8.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.32.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-32-109.compute-1.amazonaws.com

aq-swa-api.knotch.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.120.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.120.95.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.206.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.206.102.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.44.52 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 52.44.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

684dd311.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.30.96.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.96.30.34.bc.googleusercontent.com

norton-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	norton.com 1 redirects us.norton.com — Cisco Umbrella Rank: 16279 ensighten.norton.com — Cisco Umbrella Rank: 161016 oms.norton.com — Cisco Umbrella Rank: 77923 lifelock.norton.com Failed buy.norton.com — Cisco Umbrella Rank: 191776 support-digital.norton.com — Cisco Umbrella Rank: 247040	1 MB
13	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 8136487.fls.doubleclick.net — Cisco Umbrella Rank: 440041 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	11 KB
11	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2468 norton-app.quantummetric.com — Cisco Umbrella Rank: 142146 rl.quantummetric.com — Cisco Umbrella Rank: 3881	191 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2091 api.bounceexchange.com — Cisco Umbrella Rank: 2503	163 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6862	946 B
8	australiarevival.com spider.australiarevival.com — Cisco Umbrella Rank: 222073 bite.australiarevival.com — Cisco Umbrella Rank: 191944	39 KB
6	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 1954	702 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 366	16 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	444 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	147 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	23 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	498 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 849	1 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3022 tr.outbrain.com — Cisco Umbrella Rank: 2814 wave.outbrain.com — Cisco Umbrella Rank: 3006	9 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	249 B
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4377 page.cdnbasket.net — Cisco Umbrella Rank: 4382 view.cdnbasket.net — Cisco Umbrella Rank: 4384	1014 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	125 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 symantec.demdex.net — Cisco Umbrella Rank: 116740	5 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3501 e.cdnwidget.com — Cisco Umbrella Rank: 13451	330 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2957	122 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	633 B
2	t.co t.co — Cisco Umbrella Rank: 607	582 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2412	1 KB
2	havasedge.com tag.havasedge.com — Cisco Umbrella Rank: 38356 event.havasedge.com — Cisco Umbrella Rank: 19768	23 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 9605	19 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5077 q.quora.com — Cisco Umbrella Rank: 3698	15 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 648	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	4 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 654	41 KB
1	akstat.io 684dd311.akstat.io — Cisco Umbrella Rank: 69345	354 B
1	knotch.it aq-swa-api.knotch.it — Cisco Umbrella Rank: 7759	198 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	18 B
1	analytics-egain.com analytics.analytics-egain.com — Cisco Umbrella Rank: 26665	5 KB
1	knotch.com configs.knotch.com — Cisco Umbrella Rank: 13061	435 B
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5839	465 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417	632 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	ow5a.net norton.ow5a.net — Cisco Umbrella Rank: 396409	1003 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2651	314 B
1	gwmtracking.com 1 redirects gwmtracking.com — Cisco Umbrella Rank: 24605	388 B
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 19700	194 B
1	egainonetag.com enable-eg-ot.egainonetag.com — Cisco Umbrella Rank: 385671	18 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4323	447 B
1	knotch-cdn.com www.knotch-cdn.com — Cisco Umbrella Rank: 9710	25 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4420	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2918	6 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4680	12 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3721	14 KB
1	omtrdc.net symantec.tt.omtrdc.net — Cisco Umbrella Rank: 155829	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275	517 B
1	nortonlifelock.com www.nortonlifelock.com — Cisco Umbrella Rank: 41900	26 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	61 KB
264	60

	Domain	Requested by
49	us.norton.com	1 redirects us.norton.com
34	support-digital.norton.com	ensighten.norton.com support-digital.norton.com cdn.quantummetric.com
17	ensighten.norton.com	us.norton.com ensighten.norton.com
8	www.google.de	us.norton.com
8	www.google.com	2 redirects us.norton.com
7	assets.bounceexchange.com	ensighten.norton.com
7	googleads.g.doubleclick.net	2 redirects ensighten.norton.com
7	bite.australiarevival.com	ensighten.norton.com us.norton.com
6	events.bouncex.net
6	norton-app.quantummetric.com	cdn.quantummetric.com
6	bat.bing.com	ensighten.norton.com us.norton.com
6	www.googletagmanager.com	ensighten.norton.com
5	analytics.tiktok.com	ensighten.norton.com
4	tr.snapchat.com	ensighten.norton.com
4	ct.pinterest.com	ensighten.norton.com
4	www.facebook.com	us.norton.com
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	ensighten.norton.com
3	ad.doubleclick.net	2 redirects
3	connect.facebook.net	ensighten.norton.com
3	cdn.quantummetric.com	ensighten.norton.com support-digital.norton.com
2	rl.quantummetric.com	cdn.quantummetric.com
2	api.bounceexchange.com	ensighten.norton.com
2	us-central1-adaptive-growth.cloudfunctions.net	ensighten.norton.com
2	8136487.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.twitter.com
2	t.co
2	tr.outbrain.com	ensighten.norton.com
2	trkn.us	1 redirects
2	adservice.google.com	8136487.fls.doubleclick.net
2	app.leadsrx.com	ensighten.norton.com
2	s.pinimg.com	ensighten.norton.com
2	s.yimg.com	ensighten.norton.com
2	snap.licdn.com	ensighten.norton.com
2	www.googleadservices.com	ensighten.norton.com
2	region1.google-analytics.com	us.norton.com
2	dpm.demdex.net	assets.adobedtm.com us.norton.com
1	e.cdnwidget.com
1	ids.cdnwidget.com	ensighten.norton.com
1	684dd311.akstat.io	ensighten.norton.com
1	view.cdnbasket.net	ensighten.norton.com
1	page.cdnbasket.net	ensighten.norton.com
1	data.cdnbasket.net	ensighten.norton.com
1	aq-swa-api.knotch.it
1	stats.g.doubleclick.net	ensighten.norton.com
1	analytics.pangle-ads.com
1	analytics.analytics-egain.com	enable-eg-ot.egainonetag.com
1	configs.knotch.com	ensighten.norton.com
1	www.ojrq.net
1	event.havasedge.com
1	q.quora.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	sp.analytics.yahoo.com
1	alb.reddit.com
1	norton.ow5a.net	ensighten.norton.com
1	wave.outbrain.com	ensighten.norton.com
1	t.paypal.com
1	buy.norton.com	ensighten.norton.com
1	pt.ispot.tv
1	gwmtracking.com	1 redirects
1	tvspix.com
1	enable-eg-ot.egainonetag.com	ensighten.norton.com
1	tag.havasedge.com	ensighten.norton.com
1	tag.simpli.fi	ensighten.norton.com
1	www.knotch-cdn.com	ensighten.norton.com
1	a.quora.com	ensighten.norton.com
1	tag.wknd.ai	ensighten.norton.com
1	www.redditstatic.com	ensighten.norton.com
1	www.paypal.com	ensighten.norton.com
1	sc-static.net	ensighten.norton.com
1	cdn.pdst.fm	ensighten.norton.com
1	websdk.appsflyer.com	ensighten.norton.com
1	amplify.outbrain.com	ensighten.norton.com
1	static.ads-twitter.com	ensighten.norton.com
1	d.impactradius-event.com	ensighten.norton.com
1	spider.australiarevival.com	ensighten.norton.com
1	oms.norton.com	us.norton.com
1	c.go-mpulse.net	ensighten.norton.com
1	symantec.tt.omtrdc.net	ensighten.norton.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	ensighten.norton.com
1	www.nortonlifelock.com	assets.adobedtm.com
1	s.go-mpulse.net	us.norton.com
1	assets.adobedtm.com	us.norton.com
0	lifelock.norton.com Failed	ensighten.norton.com
264	86

This site contains links to these domains. Also see Links.

Domain
my.norton.com
lifelock.norton.com
www.gendigital.com
genie.norton.com
support.norton.com
community.norton.com
buy.norton.com
ar.norton.com
br.norton.com
ca.norton.com
ca-fr.norton.com
pr.norton.com
lam.norton.com
cl.norton.com
co.norton.com
mx.norton.com
be-nl.norton.com
be.norton.com
cz.norton.com
dk.norton.com
de.norton.com
es.norton.com
ie.norton.com
fr.norton.com
il.norton.com
it.norton.com
hu.norton.com
nl.norton.com
no.norton.com
at.norton.com
pl.norton.com
pt.norton.com
ro.norton.com
ch.norton.com
ch-fr.norton.com
ch-it.norton.com
za.norton.com
fi.norton.com
se.norton.com
tr.norton.com
ae.norton.com
uk.norton.com
gr.norton.com
ru.norton.com
au.norton.com
asia.norton.com
hk-en.norton.com
hk.norton.com
in.norton.com
malaysia.norton.com
nz.norton.com
sg.norton.com
kr.norton.com
cn.norton.com
tw.norton.com
jp.norton.com
www.nortonlifelock.com
login.norton.com
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
updatecenter.norton.com
www.reputationdefender.com
status.norton.com

Subject Issuer	Validity	Valid
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2023-09-27` - `2024-04-18`	7 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
ensighten.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-12` - `2024-07-30`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
oms.norton.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-03` - `2024-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.australiarevival.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-10` - `2023-11-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
tag.wknd.ai R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
quora.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
www.knotch-cdn.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2023-05-02` - `2024-06-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2023-08-09` - `2024-08-30`	a year	crt.sh
*.egainonetag.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-25`	a year	crt.sh
tvspix.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.ispot.tv R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
buy.norton.com DigiCert SHA2 Extended Validation Server CA	`2023-07-19` - `2024-01-25`	6 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
pkof.net Amazon RSA 2048 M01	`2023-01-24` - `2024-02-22`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
misc.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.quora.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.knotch.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
support-digital.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-02` - `2024-05-21`	a year	crt.sh
*.analytics-egain.com Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.knotch.it Amazon RSA 2048 M01	`2023-06-25` - `2024-07-24`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-09-14` - `2023-12-13`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-09-16` - `2023-12-15`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh
ids.cdnwidget.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
e.cdnwidget.com R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.wunderkind.co R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://us.norton.com/blog/emerging-threats/norton-email-scams
Frame ID: 92162A52BCC4A5E14B80C0B77F9E53E1
Requests: 213 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 0A285945B9E9E628A48E7CAE320ED626
Requests: 1 HTTP requests in this frame

Frame: https://lifelock.norton.com/
Frame ID: 7B5659852A0A37EED666CD1892E9D7F4
Requests: 2 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
Frame ID: 42BF2DC3CF3DE9B5B5BDA7B77F46C4DF
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=63074924-a6e3-42c7-80c0-ade5e653d7c6&u_sclid=657afc45-d177-40e1-aff8-c4ebe656f9a7
Frame ID: DE45236E7F7DA0FCD9CF89DCF640D3EB
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/iframe/EG94020756
Frame ID: 340CB260B5D89BBE3787E9AA829B88B4
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2F4F91FE2D39CF15629AEFB1B0FA6FFA
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: DE97B08E366555A88C1EE229377E5D5C
Requests: 1 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js
Frame ID: 42885CE190AF7D86377A68067590C03B
Requests: 1 HTTP requests in this frame

Frame: https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1698786721215&v=1698786721922&z=1&S=0&N=0&P=0
Frame ID: D9191FAD4044438CD599E180772A1A38
Requests: 8 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/cb/cs/checkSession.html?wsname=https://us.norton.com
Frame ID: 1D5F55D338AFA55F1A06F3F806A92708
Requests: 1 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
Frame ID: 1E7135D9EABF39664E70FAD3EDBA52CA
Requests: 29 HTTP requests in this frame

Frame: https://cdn.quantummetric.com/helpers/blank
Frame ID: B62AF865A587DC078EAAA2F0DA1C82AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norton email scams: Answers to Your Frequently Asked Questions (FAQs) - Norton

Page URL History Show full URLs

http://us.norton.com/blog/emerging-threats/norton-email-scams HTTP 301
https://us.norton.com/blog/emerging-threats/norton-email-scams Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

264
Requests

95 %
HTTPS

36 %
IPv6

60
Domains

86
Subdomains

80
IPs

7
Countries

2665 kB
Transfer

8865 kB
Size

92
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home_blog:norton-email-scams
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home2_blog:norton-email-scams
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home_blog:norton-email-scams
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home2_blog:norton-email-scams
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation_blog:norton-email-scams
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home3_blog:norton-email-scams
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders_blog:norton-email-scams
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup_blog:norton-email-scams
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/?inid=nortoncom_nav_lifelock.norton.com_blog:norton-email-scams
Title: LifeLock Identity Protection

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/us/en/partner/?inid=nortoncom_nav_logo_blog:norton-email-scams
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://genie.norton.com/?inid=nortoncom_nav_logo_blog:norton-email-scams
Title: Genie Scam Detector NEW

Search URL Search Domain Scan URL

URL: https://support.norton.com/?inid=nortoncom_nav_support_blog:norton-email-scams
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://community.norton.com/en?inid=nortoncom_nav_community_blog:norton-email-scams
Title: Community

Search URL Search Domain Scan URL

URL: https://buy.norton.com/ps?multipage=true&inid=nortoncom_nav_store_blog:norton-email-scams

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home3_blog:norton-email-scams
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home4_blog:norton-email-scams
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home4_blog:norton-email-scams
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home5_blog:norton-email-scams
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation2_blog:norton-email-scams
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home6_blog:norton-email-scams
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders2_blog:norton-email-scams
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup2_blog:norton-email-scams
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://ar.norton.com/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://br.norton.com/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://ca.norton.com/
Title: Canada (English)

Search URL Search Domain Scan URL

URL: https://ca-fr.norton.com/
Title: Canada (Français)

Search URL Search Domain Scan URL

URL: https://pr.norton.com/
Title: Caribbean (English)

Search URL Search Domain Scan URL

URL: https://lam.norton.com/
Title: Caribe (Español)

Search URL Search Domain Scan URL

URL: https://cl.norton.com/
Title: Chile

Search URL Search Domain Scan URL

URL: https://co.norton.com/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://mx.norton.com/
Title: México

Search URL Search Domain Scan URL

URL: https://be-nl.norton.com/
Title: België (Nederlands)

Search URL Search Domain Scan URL

URL: https://be.norton.com/
Title: Belgique (Français)

Search URL Search Domain Scan URL

URL: https://cz.norton.com/
Title: Česko

Search URL Search Domain Scan URL

URL: https://dk.norton.com/
Title: Danmark

Search URL Search Domain Scan URL

URL: https://de.norton.com/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://es.norton.com/
Title: España

Search URL Search Domain Scan URL

URL: https://ie.norton.com/
Title: Estonia (English)

Search URL Search Domain Scan URL

URL: https://fr.norton.com/
Title: France

Search URL Search Domain Scan URL

URL: https://il.norton.com/
Title: Israel (English)

Search URL Search Domain Scan URL

URL: https://it.norton.com/
Title: Italia

Search URL Search Domain Scan URL

URL: https://hu.norton.com/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://nl.norton.com/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://no.norton.com/
Title: Norge

Search URL Search Domain Scan URL

URL: https://at.norton.com/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://pl.norton.com/
Title: Polska

Search URL Search Domain Scan URL

URL: https://pt.norton.com/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://ro.norton.com/
Title: România

Search URL Search Domain Scan URL

URL: https://ch.norton.com/
Title: Schweiz (Deutsch)

Search URL Search Domain Scan URL

URL: https://ch-fr.norton.com/
Title: Suisse (Français)

Search URL Search Domain Scan URL

URL: https://ch-it.norton.com/
Title: Svizzera (Italiano)

Search URL Search Domain Scan URL

URL: https://za.norton.com/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://fi.norton.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://se.norton.com/
Title: Sverige

Search URL Search Domain Scan URL

URL: https://tr.norton.com/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://ae.norton.com/
Title: United Arab Emirates (English)

Search URL Search Domain Scan URL

URL: https://uk.norton.com/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://gr.norton.com/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://ru.norton.com/
Title: Россия

Search URL Search Domain Scan URL

URL: https://au.norton.com/
Title: Australia

Search URL Search Domain Scan URL

URL: https://asia.norton.com/
Title: Cambodia (English)

Search URL Search Domain Scan URL

URL: https://hk-en.norton.com/
Title: Hong Kong (English)

Search URL Search Domain Scan URL

URL: https://hk.norton.com/
Title: 香港

Search URL Search Domain Scan URL

URL: https://in.norton.com/
Title: India (English)

Search URL Search Domain Scan URL

URL: https://malaysia.norton.com/
Title: Malaysia (English)

Search URL Search Domain Scan URL

URL: https://nz.norton.com/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://sg.norton.com/
Title: Singapore (English)

Search URL Search Domain Scan URL

URL: https://kr.norton.com/
Title: 대한민국

Search URL Search Domain Scan URL

URL: https://cn.norton.com/
Title: 中国

Search URL Search Domain Scan URL

URL: https://tw.norton.com/
Title: 台灣

Search URL Search Domain Scan URL

URL: https://jp.norton.com/
Title: 日本

Search URL Search Domain Scan URL

URL: https://support.norton.com/sp/en/us/home/current/solutions/v71088498
Title: this verification link

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/blogs/feature-stories/fraudulent-use-nortonlifelock-brand
Title: this article

Search URL Search Domain Scan URL

URL: https://login.norton.com/sso/idp/OIDC?client_id=YK73XHSPCM%2Fmy.norton.com%2Fnortonlifelock&redirect_uri=https%3A%2F%2Fmy.norton.com%2Fsignin-norton&response_type=code&scope=openid%20profile%20email%20address%20phone%20spa_auth%20session_state%20device_all%20ngp_ncs_read%20ngp_ncs_write%20nf_ncs_read%20nf_ncs_write%20cloudconnect&code_challenge=nwYIjDH0F25cSxfdMYbMOSQi2K_xCq2iquJfBbdTR90&code_challenge_method=S256&response_mode=form_post&nonce=637849461454472776.NzBjZDAzNDYtZDI5MC00ODA3LWFjNTItZTk1ODcxYTQ0MWM5MWY2ZDZiYWMtMmYxZS00MjFhLWI4NTktYzZkYjMwOWM2YmU5&acr_values=&state=CfDJ8J-OdNvQpylAmih5fFP_k2bWwVkuMcDhZ2tVDHeOwg3jkOVOU4U9XdJyjIguBIoIJxwJw-THCan--_lafDnggVTjU4ioXGidxbeCxmMkKStQ0iIIx3T3h4JLlMSgu3ik_MdzpKRLpgFodR5-IR22MI89VJYDd_td8mqKkAuNYtYWKJ9PW1C7WhFpFtPnb1xnh8fBXngSJNTFBBbqOQk95dTVoQjk0KxmS-jymF9tJMsCabzhhfTTdfbD2VgTnTs7fL9IN2laub-pmEhxcAYm6vy5HE2uW7b3swIK2u_DV22tjaDiNMc9LU_iINLu6K2Bi7HvHtXVPizT4XPeDI-kd90fr-z7AZ1qYKii2_QoHlB3H8td_PQtEXOsDchRbGZbICD31-r8yog1YuHqJvUGXKmjxMnWtKXgcxEnjYCTFP2m2M6yJ6TL6yiSd570lL1mZDQNvOvN_N3zR3Nsi5dx_xm8-dBGtUpg8_WjWfYkWHnJJVEOSZLF33kN9SsIjpe4_qQELsyhg-MnxAH0NrMxbeEGdtVRQCgoHVgWQ480ESwAnrB2-1d9yyo5Q7N8yoOaARs_ScVPOlP6f6EAULQWTg0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
Title: membership portal

Search URL Search Domain Scan URL

URL: http://support.norton.com/
Title: support.norton.com

Search URL Search Domain Scan URL

URL: https://twitter.com/norton

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nortonsecurity/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Norton

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/norton

Search URL Search Domain Scan URL

URL: https://genie.norton.com/
Title: Genie Scam Detector

Search URL Search Domain Scan URL

URL: https://support.norton.com/
Title: Norton Support

Search URL Search Domain Scan URL

URL: http://updatecenter.norton.com/
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: https://community.norton.com/en
Title: Community

Search URL Search Domain Scan URL

URL: https://login.norton.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/
Title: LifeLock by Norton

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/
Title: NortonLifeLock

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/partner/
Title: NortonLifeLock Partners

Search URL Search Domain Scan URL

URL: https://www.reputationdefender.com/
Title: ReputationDefender by Norton

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/do-not-sell/
Title: Do Not Sell or Share My Personal Data

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/accessibility-policy
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/sitemap
Title: Site Map

Search URL Search Domain Scan URL

URL: https://status.norton.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/cookies-and-analytics/
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://us.norton.com/blog/emerging-threats/norton-email-scams HTTP 301
https://us.norton.com/blog/emerging-threats/norton-email-scams Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://cm.everesttech.net/cm/dd?d_uuid=71969486933090157213878057103923003545 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUFtnwAAANdPhgN6

Request Chain 88

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=oG1BZeChHPuV9u8P0O2C2AU&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzeXBWMGpsa0h5aEFnRWRyUENrb19kQVVrVW15aHlwTXdIanN0X2d1aGtiMndoanVQRE42bldhMkEiEwjg8ZbYmaGCAxX7iv0HHdC2AFs HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzeXBWMGpsa0h5aEFnRWRyUENrb19kQVVrVW15aHlwTXdIanN0X2d1aGtiMndoanVQRE42bldhMkEiEwjg8ZbYmaGCAxX7iv0HHdC2AFs&is_vtc=1&ocp_id=oG1BZeChHPuV9u8P0O2C2AU&cid=CAQSKQDICaaNJL1aci0AXd-K_IKdTRe4Rp1SJ5OlvajIrP2emDB_ydv21dhf&random=390011909 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzeXBWMGpsa0h5aEFnRWRyUENrb19kQVVrVW15aHlwTXdIanN0X2d1aGtiMndoanVQRE42bldhMkEiEwjg8ZbYmaGCAxX7iv0HHdC2AFs&is_vtc=1&ocp_id=oG1BZeChHPuV9u8P0O2C2AU&cid=CAQSKQDICaaNJL1aci0AXd-K_IKdTRe4Rp1SJ5OlvajIrP2emDB_ydv21dhf&random=390011909&ipr=y

Request Chain 116

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 118

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170 HTTP 302
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170&ip=80.255.10.203&cuidchk=1

Request Chain 132

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&ocp_id=oG1BZYLDKOPP7_UPyLqQYA&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzd19zV0VfWC0yeHh1U0RVWUNfVWJrdTRzaWt0YzRxSUpyR0FDZF8wZHR1Ynd1enlvdkFudTJIVmciEwiCk6PYmaGCAxXj57sIHUgdBAw HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzd19zV0VfWC0yeHh1U0RVWUNfVWJrdTRzaWt0YzRxSUpyR0FDZF8wZHR1Ynd1enlvdkFudTJIVmciEwiCk6PYmaGCAxXj57sIHUgdBAw&is_vtc=1&ocp_id=oG1BZYLDKOPP7_UPyLqQYA&cid=CAQSKQDICaaNswYKc_gF_Y2_mWDw68oJFEoUvDZkprqCxfzCkpZ-lwZV38yz&random=1377973724 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzd19zV0VfWC0yeHh1U0RVWUNfVWJrdTRzaWt0YzRxSUpyR0FDZF8wZHR1Ynd1enlvdkFudTJIVmciEwiCk6PYmaGCAxXj57sIHUgdBAw&is_vtc=1&ocp_id=oG1BZYLDKOPP7_UPyLqQYA&cid=CAQSKQDICaaNswYKc_gF_Y2_mWDw68oJFEoUvDZkprqCxfzCkpZ-lwZV38yz&random=1377973724&ipr=y

Request Chain 139

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Request Chain 149

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1698786720841%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog%252Femerging-threats%252Fnorton-email-scams%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQLoClki__Nv_AAAAYuHlD83Tc5Kv8yTw4I78xT3X5vB-UnVFQNrq_umtx4B2ui14g

264 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request norton-email-scams Show response
us.norton.com/blog/emerging-threats/
Redirect Chain

http://us.norton.com/blog/emerging-threats/norton-email-scams
https://us.norton.com/blog/emerging-threats/norton-email-scams

152 KB
28 KB

62ms
30ms

Document
text/html

2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

721ce4f2e9528ece743ec5b0e26e32abef4ffbd4fb8f35ef33df50e125754d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 27163
content-type: text/html;charset=utf-8
date: Tue, 31 Oct 2023 21:11:58 GMT
etag: W/"23bd9-608e614b972ef-gzip"
last-modified: Mon, 30 Oct 2023 02:49:03 GMT
link: <https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://www.nortonlifelock.com>;rel="preconnect",<https://cdn.quantummetric.com>;rel="preconnect",<https://spider.australiarevival.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://bite.australiarevival.com>;rel="preconnect",<https://symantec.demdex.net>;rel="preconnect" <https://assets.adobedtm.com>;rel="preconnect",<https://ensighten.norton.com>;rel="preconnect"
server: Apache
server-timing: cdn-cache; desc=HIT edge; dur=15 origin; dur=0 ak_p; desc="1698786718940_34824558_90963185_1559_3828_9_21_255";dur=1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 23682 0 pmb=mNONE,1mRUM,2
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 31 Oct 2023 21:11:58 GMT
Location: https://us.norton.com/blog/emerging-threats/norton-email-scams
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1698786718915_34824558_90963162_13_3175_9_0_-";dur=1

GET
H2 200 inter-latin-700.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 29ms
28ms Font
application/octet-stream 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=30797705
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698786718995_34824558_90963197_399_2817_9_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2024 08:07:04 GMT

GET
H2 200 inter-latin-800.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 22ms
21ms Font
application/octet-stream 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=30797671
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718998_34824558_90963199_67_2718_9_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2024 08:06:30 GMT

GET
H2 200 inter-latin-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 19ms
18ms Font
application/octet-stream 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=30784717
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718998_34824558_90963200_86_2592_9_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2024 04:30:36 GMT

GET
H2 200 inter-latin-500.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 32ms
32ms Font
application/octet-stream 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=30798737
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718999_34824558_90963201_86_2571_9_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2024 08:24:16 GMT

GET
H2 200 t-base-critical.min.5d4850a91539a500c130d934603e51d2.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 101 KB
9 KB 15ms
14ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-critical.min.5d4850a91539a500c130d934603e51d2.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

4d81a2ce193279971bf912257ddeab54de07b42ca4b17be73cd0bca04ee7af41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718999_34824558_90963202_67_2486_9_0_255";dur=1
content-length: 8599
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 18:44:01 GMT
server: Akamai Resource Optimizer
etag: "1924e-60296dceaf6c0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31535898
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:10:17 GMT

GET
H2 200 runtime.min.3e509b6fbb60e3bacdc070373e53e258.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 1 KB
1 KB 35ms
35ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/runtime.min.3e509b6fbb60e3bacdc070373e53e258.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="1698786718999_34824558_90963204_893_2424_9_0_219";dur=1
content-length: 722
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Apr 2022 07:32:50 GMT
server: Apache
etag: "5d4-5dc842f3eec80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 184 KB
61 KB 57ms
8ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b305b33d6add58c9c895b0c20f97d3085b4c11b8d6856d76e762699f29627a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 19:38:00 GMT
server: AkamaiNetStorage
etag: "09fa8dc3a98f1a874a908517f84d8cfa:1693424280.731046"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://us.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61911
expires: Tue, 31 Oct 2023 22:11:59 GMT

GET
H2 200 Bootstrap.js Show response
ensighten.norton.com/symantec/aemprod/ 615 KB
103 KB 116ms
36ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: cb41da0d57027d3c3b757102639c45d2a67ad6aea34a27f3d9d1e6ff051cfafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: YIb3HFqMT4odZpKMjXU9rCfg_qBPKCeE
content-encoding: br
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 6396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 19:24:52 GMT
server: CloudFront
etag: W/"72159ae98d894cde82e7b756e78ff524"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: ICnK7SQ2dGk8EYhBW7VbZyvEEMuoDKTmZZYT_Kzzt6IZYjD7451SSQ==

GET
H2 200 stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
992 B 16ms
16ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718999_34824558_90963203_63_2456_9_0_255";dur=1
content-length: 574
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 17:41:26 GMT
server: Akamai Resource Optimizer
etag: "c29-5e42d78ce4ac0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30996822
accept-ranges: bytes
expires: Thu, 24 Oct 2024 15:25:41 GMT

GET
H2 200 stickybanner.min.4303bf537312913152388a4a5e9415aa.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 44ms
38ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.4303bf537312913152388a4a5e9415aa.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

013bf59b8f0226c32593d1ecdc756b9cda5d1cc729e2d27f640b1731d69d525f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1698786719091_34824558_90963254_904_2765_14_0_146";dur=1
content-length: 605
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:41:25 GMT
server: Akamai Resource Optimizer
etag: "605-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:59 GMT

GET
H2 200 topnav.min.d8d162235186b8652dca48d1064e73ac.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 21 KB
3 KB 27ms
26ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.d8d162235186b8652dca48d1064e73ac.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1698786718999_34824558_90963205_971_2398_9_0_255";dur=1
content-length: 3132
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 19:47:16 GMT
server: Apache
etag: "5291-60296dcfa3900-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 icon_myaccount.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_myaccount.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 16 Oct 2023 17:51:36 GMT
server: Akamai Resource Optimizer
etag: "929-5d76cef225e00"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_myaccount.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718999_34824558_90963206_172_3197_9_0_182";dur=1
accept-ranges: bytes
content-length: 851
x-xss-protection: 1; mode=block

GET
H2 200 icon_flag_united_states.svg
us.norton.com/content/dam/norton/icon/flag/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/flag/icon_flag_united_states.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Sun, 22 Oct 2023 16:41:14 GMT
server: Akamai Resource Optimizer
etag: "914-5fc895e938ac0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_flag_united_states.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786718999_34824558_90963207_96_3121_9_0_182";dur=1
accept-ranges: bytes
content-length: 932
x-xss-protection: 1; mode=block

GET
H2 200 logo_norton_d.svg
us.norton.com/content/dam/norton/logo/ 7 KB
3 KB 19ms
19ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/logo/logo_norton_d.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 23 Oct 2023 08:14:40 GMT
server: Akamai Resource Optimizer
etag: "1dfd-5d76cef6ea940"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="logo_norton_d.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719018_34824558_90963217_53_3776_9_0_182";dur=1
accept-ranges: bytes
content-length: 2312
x-xss-protection: 1; mode=block

GET
H2 200 icon_ui_cart_empty_m_2x.png
us.norton.com/content/dam/norton/cb/ 684 B
999 B 29ms
23ms Image
image/png 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_cart_empty_m_2x.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:41:13 GMT
server: Akamai Image Manager
etag: "2ac-5dada4b52da40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=595654
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963255_91_4711_16_0_146";dur=1
content-length: 684
expires: Tue, 07 Nov 2023 18:39:33 GMT

GET
H2 200 icon_ui_search_m_2x.png
us.norton.com/content/dam/norton/cb/ 700 B
1 KB 29ms
23ms Image
image/png 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_search_m_2x.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:16:01 GMT
server: Akamai Image Manager
x-serial: 948
x-check-cacheable: YES
etag: "2bc-5dada4b068f00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=594209
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963256_102_4604_16_0_146";dur=1
content-length: 700
expires: Tue, 07 Nov 2023 18:15:28 GMT

GET
H2 200 country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
2 KB 79ms
71ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=52, origin; dur=0, ak_p; desc="1698786719088_34824558_90963242_5462_2299_9_0_182";dur=1
content-length: 1237
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2023 20:03:46 GMT
server: Apache
etag: "1892-5fbc0f3cacc80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 icon_close.svg
us.norton.com/content/dam/norton/icon/ 2 KB
855 B 29ms
24ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_close.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 16 Oct 2023 17:10:13 GMT
server: Akamai Resource Optimizer
etag: "677-5fca0275e1f40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_close.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963257_187_3164_16_0_146";dur=1
accept-ranges: bytes
content-length: 454
x-xss-protection: 1; mode=block

GET
H2 200 icon_chevrondown.svg
us.norton.com/content/dam/norton/icon/ 644 B
703 B 30ms
24ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_chevrondown.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 16 Oct 2023 16:57:40 GMT
server: Akamai Resource Optimizer
etag: "284-5fca01f42ed40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_chevrondown.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963258_192_2956_16_0_146";dur=1
accept-ranges: bytes
content-length: 297
x-xss-protection: 1; mode=block

GET
H2 200 country-selector.min.d0a5df0b8e47e4c0a9697643c1a05546.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 5 KB
2 KB 21ms
13ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.d0a5df0b8e47e4c0a9697643c1a05546.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

4d35b10d4cb1628be93f5e6ed8b3f3316d960f49e08d731a4c6169affdf96e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719085_34824558_90963243_61_2598_16_0_182";dur=1
content-length: 1635
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 18:44:25 GMT
server: Akamai Resource Optimizer
etag: "15f1-60296dcfa3900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535980
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:39 GMT

GET
H2 200 topnav.min.e93b8212f23c94f85661469fc7ebad94.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 8 KB
2 KB 44ms
39ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.e93b8212f23c94f85661469fc7ebad94.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

651e2cfed4c79edb94e0d38b81dd5301df0b4180248c1f04045045255b187d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719094_34824558_90963259_441_2722_16_0_146";dur=1
content-length: 1903
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 18:43:15 GMT
server: Akamai Resource Optimizer
etag: "1e12-60296dceaf6c0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:59 GMT

GET
H2 200 blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 21ms
14ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719085_34824558_90963244_62_2584_16_0_182";dur=1
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Oct 2023 06:06:35 GMT
server: Akamai Resource Optimizer
etag: "eb2-5f2900afb3140-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30996822
accept-ranges: bytes
expires: Thu, 24 Oct 2024 15:25:41 GMT

GET
H2 200 blogsecondarynav.min.e3d0138c73e40cce94efef12f81ae2e6.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 30ms
25ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.e3d0138c73e40cce94efef12f81ae2e6.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

90fffaaefc4b81b319bef8c9a9c5f8c2c56e85a1ab3d82339b2158b69c682ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963260_212_2650_16_0_146";dur=1
content-length: 823
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:32:33 GMT
server: Akamai Resource Optimizer
etag: "e64-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:59 GMT

GET
H2 200 blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 10 KB
2 KB 68ms
61ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1698786719089_34824558_90963245_3214_2504_10_0_182";dur=1
content-length: 1876
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2023 20:03:46 GMT
server: Apache
etag: "2752-5fbc0f3cacc80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 725 B
646 B 27ms
20ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1698786719085_34824558_90963246_290_2557_16_0_182";dur=1
content-length: 227
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 16:48:10 GMT
server: Akamai Resource Optimizer
etag: "2d5-5dc842f3eec80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30972313
accept-ranges: bytes
expires: Thu, 24 Oct 2024 08:37:12 GMT

GET
H2 200 breadcrumb.min.46ede505d6f7111a4534dc6199d596d3.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 1 KB
1 KB 76ms
71ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.46ede505d6f7111a4534dc6199d596d3.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e581dd5a912f0d3c081b82b3a8b25c95c6838077449ad63f43519f3cab54bd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=51, origin; dur=0, ak_p; desc="1698786719091_34824558_90963261_5191_2701_9_0_146";dur=1
content-length: 751
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Aug 2023 19:47:16 GMT
server: Apache
etag: "5e2-60296dcfa3900-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 clare-stouffer.png
us.norton.com/content/dam/blogs/images/norton/as/ 2 KB
2 KB 67ms
62ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/as/clare-stouffer.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 18:08:50 GMT
server: Akamai Image Manager
etag: "6396-5fc145dee5840"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: private, no-transform, max-age=463223
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963269_556_5194_10_0_146";dur=1
content-length: 2002
expires: Mon, 06 Nov 2023 05:52:22 GMT

GET
H2 200 norton-email-scams-hero.png
us.norton.com/content/dam/blogs/images/norton/am/ 44 KB
44 KB 275ms
270ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/am/norton-email-scams-hero.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6fe26570fa6f95a827697ee1d70234115679a607cb6f65a38a8ba0ac784f757f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 16:30:18 GMT
server: Akamai Image Manager
x-serial: 1116
x-check-cacheable: YES
etag: "fa86-5fc1458dd5900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: private, no-transform, max-age=675898
server-timing: cdn-cache; desc=HIT, edge; dur=230, origin; dur=0, ak_p; desc="1698786719109_34824558_90963270_23509_5186_10_0_146";dur=1
expires: Wed, 08 Nov 2023 16:56:57 GMT

GET
H2 200 button.min.df409ee89cb46656cd08d135043e7eac.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 67ms
62ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/button.min.df409ee89cb46656cd08d135043e7eac.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ada825f777baefed28ce1b8618d0d6ac616f02fff5ac3869350022bb738d7b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719110_34824558_90963271_622_2756_10_0_146";dur=1
content-length: 999
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:41:07 GMT
server: Akamai Resource Optimizer
etag: "b0f-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535298
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:00:17 GMT

GET
H2 200 text.min.7d2c876a8cd18892408c7a306e517b0a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 44ms
37ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.7d2c876a8cd18892408c7a306e517b0a.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="1698786719091_34824558_90963247_1449_2939_10_0_182";dur=1
content-length: 623
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Jun 2022 18:55:11 GMT
server: Apache
etag: "96f-5e07b8b95c1c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 text.min.43b08d18fd35b61cec33493ab4c1b531.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 68ms
63ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.43b08d18fd35b61cec33493ab4c1b531.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ea2566e46783fedce851cc101cd35ba6042d847f61a9ebc49c5afb480aa4f534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963272_534_3745_10_0_146";dur=1
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:32:39 GMT
server: Akamai Resource Optimizer
etag: "7b6-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535866
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:09:45 GMT

GET
H2 200 blogarticle.min.7bf74a7e3759bf0eb36af14485f4d562.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
2 KB 68ms
63ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.7bf74a7e3759bf0eb36af14485f4d562.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5296e1972bf6b473bf0f6b806ec251345e39bc0d6211853048fdcb671a9c3e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963273_535_3731_10_0_146";dur=1
content-length: 1273
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:32:20 GMT
server: Akamai Resource Optimizer
etag: "1039-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535992
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:51 GMT

GET
H2 200 list.min.5fd11e79d98a89cff653f321356cc9fb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 14 KB
3 KB 69ms
62ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.5fd11e79d98a89cff653f321356cc9fb.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1698786719101_34824558_90963248_2030_3086_10_0_182";dur=1
content-length: 2646
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Dec 2022 00:46:11 GMT
server: Apache
etag: "3849-5eeb98c22bac0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 img_family-home-work_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 43 KB
44 KB 68ms
64ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_family-home-work_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

37d36a2bd7502379676527d1514f1e169528ffc1f04e1b66887ffab34236c735

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:44:00 GMT
server: Akamai Image Manager
x-serial: 4
x-check-cacheable: YES
etag: "206c8-5fc1455a55f80"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=595974
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719119_34824558_90963274_1386_4838_9_0_146";dur=1
content-length: 44506
expires: Tue, 07 Nov 2023 18:44:53 GMT

GET
H2 200 img_woman-laptop-overview_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 74 KB
75 KB 69ms
65ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_woman-laptop-overview_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

52a9c1e985fb4de9c75c6cc17a88f0bbe1d6fd298c3582c2b73890580852ac40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:35:38 GMT
server: Akamai Image Manager
x-serial: 1408
x-check-cacheable: YES
etag: "29c3c-5fc14557798c0"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=595347
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963275_591_5051_10_0_146";dur=1
content-length: 76252
expires: Tue, 07 Nov 2023 18:34:26 GMT

GET
H2 200 img_laptops-back-to-back_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 13 KB
13 KB 70ms
66ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_laptops-back-to-back_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

68f203e55e482507ae7cbb5b047aae6add3797b76f0ab6ffe4a65b6f8deb6875

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:16:06 GMT
server: Akamai Image Manager
etag: "14174-5fc1455685680"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=442674
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963276_579_5022_10_0_146";dur=1
content-length: 13051
expires: Mon, 06 Nov 2023 00:09:53 GMT

GET
H2 200 man-earphone-tablet_190x190.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 5 KB
6 KB 70ms
66ms Image
image/avif 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/man-earphone-tablet_190x190.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b1ab7f60896733bcc2a64777ff4f43ffcdc9c12605260980557798b67ba292ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Wed, 19 Jul 2023 18:44:28 GMT
server: Akamai Image Manager
x-serial: 77
x-check-cacheable: YES
etag: "4abd-5fc145464f040"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=291864
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963277_564_4996_10_0_146";dur=1
content-length: 5383
expires: Sat, 04 Nov 2023 06:16:23 GMT

GET
H2 200 list.min.cb972d428d35f969c8cfa6a32ff59352.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
2 KB 71ms
67ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.cb972d428d35f969c8cfa6a32ff59352.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c81ab91c780c257b541589f6059ed82a861f77363676b31aedf18a7773ce42d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719126_34824558_90963278_1966_2973_9_0_146";dur=1
content-length: 1713
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 19:32:28 GMT
server: Akamai Resource Optimizer
etag: "18d1-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535996
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:55 GMT

GET
H2 200 socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 1 KB
757 B 27ms
21ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963249_191_2887_16_0_182";dur=1
content-length: 337
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Oct 2023 23:18:16 GMT
server: Akamai Resource Optimizer
etag: "4ae-5e07b8b773d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30996822
accept-ranges: bytes
expires: Thu, 24 Oct 2024 15:25:41 GMT

GET
H2 200 icon_twitter1.svg
us.norton.com/content/dam/norton/icon/ 3 KB
1 KB 71ms
68ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_twitter1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

acdd84d9b9a87f044a4027c8ac427a1a2a84760cc49753c46da0c85c6a711584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 23 Oct 2023 08:23:20 GMT
server: Akamai Resource Optimizer
etag: "a15-5d76cef5f6700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_twitter1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963279_548_3604_10_0_146";dur=1
accept-ranges: bytes
content-length: 950
x-xss-protection: 1; mode=block

GET
H2 200 icon_instagram1.svg
us.norton.com/content/dam/norton/icon/ 3 KB
1 KB 72ms
68ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_instagram1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 23 Oct 2023 08:08:01 GMT
server: Akamai Resource Optimizer
etag: "bb9-5d76cef5f6700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_instagram1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719120_34824558_90963280_1550_3439_9_0_146";dur=1
accept-ranges: bytes
content-length: 901
x-xss-protection: 1; mode=block

GET
H2 200 icon_facebook1.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 72ms
69ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_facebook1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Sun, 22 Oct 2023 09:28:49 GMT
server: Akamai Resource Optimizer
etag: "751-5d76cef5f6700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_facebook1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=24, ak_p; desc="1698786719109_34824558_90963281_2953_3459_9_0_146";dur=1
accept-ranges: bytes
content-length: 632
x-xss-protection: 1; mode=block

GET
H2 200 icon_youtube-dark.svg
us.norton.com/content/dam/norton/icon/ 697 B
736 B 73ms
69ms Image
image/svg+xml 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_youtube-dark.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Mon, 23 Oct 2023 08:31:54 GMT
server: Akamai Resource Optimizer
etag: "2b9-5f1e70975ae80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_youtube-dark.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698786719109_34824558_90963282_885_3530_10_0_146";dur=1
accept-ranges: bytes
content-length: 329
x-xss-protection: 1; mode=block

GET
H2 200 spacer.min.94a76473d368b52fba594239c1580199.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
744 B 28ms
21ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/spacer.min.94a76473d368b52fba594239c1580199.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963250_190_2912_16_0_182";dur=1
content-length: 325
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 16:47:51 GMT
server: Akamai Resource Optimizer
etag: "84f-5dc83ba3debc0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30972313
accept-ranges: bytes
expires: Thu, 24 Oct 2024 08:37:12 GMT

GET
H2 200 footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 28ms
22ms Stylesheet
text/css 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963251_194_2837_16_0_182";dur=1
content-length: 727
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 17:01:06 GMT
server: Akamai Resource Optimizer
etag: "cfe-6013fb9522600-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30972313
accept-ranges: bytes
expires: Thu, 24 Oct 2024 08:37:12 GMT

GET
H2 200 t-base-component-util.min.ba0d38d87c8c6665e0241365c3d1ff3b.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 49 KB
13 KB 29ms
22ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-component-util.min.ba0d38d87c8c6665e0241365c3d1ff3b.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c7f2acd9ddf3bb4bace35c6683947d8e0383319696adf8fef74ce666341475b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719091_34824558_90963252_204_2777_16_0_182";dur=1
content-length: 12509
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 18:44:42 GMT
server: Akamai Resource Optimizer
etag: "c4ca-60296dcfa3900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:59 GMT

GET
H2 200 t-base-defer.min.64693bcba6972552c29411ab151df06e.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 31 KB
7 KB 73ms
70ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-defer.min.64693bcba6972552c29411ab151df06e.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e5b8530118b2d33fc3583b5d57e2c1d5d96367383e6fe1ca938d708d414dcc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698786719109_34824558_90963283_561_3454_10_0_146";dur=1
content-length: 6870
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Oct 2023 18:43:34 GMT
server: Akamai Resource Optimizer
etag: "7cc8-6065be2600c80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535992
accept-ranges: bytes
expires: Wed, 30 Oct 2024 21:11:51 GMT

GET
H2 200 core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js Show response
us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/ 35 KB
12 KB 44ms
37ms Script
application/javascript 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1698786719091_34824558_90963253_1169_2769_14_0_182";dur=1
content-length: 12106
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Dec 2022 18:29:59 GMT
server: Apache
etag: "8a54-5efb9cead37c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:26:59 GMT

GET
H2 200 cookies Show response
us.norton.com/bin/norton/ 0
647 B 38ms
38ms XHR
text/plain 2a02:26f0:2c:2bc::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/bin/norton/cookies

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2bc::1015 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:11:59 GMT
x-content-type-options: nosniff, nosniff
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/plain; charset=UTF-8
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=7, ak_p; desc="1698786719035_34824558_90963227_2532_2872_10_0_255";dur=1
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 MDDJR-3RVW8-S3M46-HL4QS-RLVQ4 Show response
s.go-mpulse.net/boomerang/ 156 KB
40 KB 74ms
19ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/MDDJR-3RVW8-S3M46-HL4QS-RLVQ4
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 16 Oct 2023 00:31:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 40263

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 137ms
32ms XHR
application/json 52.17.159.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1698786719181

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-159-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d18d2901d4e5217a5616a320fc71b109cd1d291dd356bb7f97e07b5a39c06ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v053-0ca88c75b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 9cmImRf2T1E=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://us.norton.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 79 KB
26 KB 109ms
43ms Script
application/javascript 2a02:26f0:3500:88f::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88f::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

bc8f490b0781f5646e96ecd80e0d5b3a7f93ddefd39ec1af514d0187a3101999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Tue, 31 Oct 2023 21:11:59 GMT
content-disposition: attachment
content-length: 26521
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 15:42:53 GMT
server: Apache
etag: "13dc8-607d7425cb940-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18643
accept-ranges: bytes
expires: Wed, 01 Nov 2023 02:22:42 GMT

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame 0A28 7 KB
3 KB 324ms
38ms Document
text/html 34.249.73.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.73.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-73-231.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v053-07763fb20.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7ytltmgdTxs=
content-encoding: gzip
date: Tue, 31 Oct 2023 21:11:59 GMT
last-modified: Thu, 26 Oct 2023 10:53:47 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZUFtnwAAANdPhgN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=71969486933090157213878057103923003545
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUFtnwAAANdPhgN6

42 B
942 B

34ms
34ms

Image
image/gif

52.17.159.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUFtnwAAANdPhgN6

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

HTTP/1.1

Server

52.17.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-159-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-0f34f8cc8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rgIerFF1SBc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUFtnwAAANdPhgN6
Date: Tue, 31 Oct 2023 21:11:59 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 2 KB
2 KB 301ms
48ms XHR
application/json 66.235.152.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=1b5a3eaa49704a4f881e37af03bea1ac&mboxPC=&mboxPage=73352b4ed8934a328319994ca7be2a01&mboxRid=3dc434705f1a4393b112fdc1a0a0c805&mboxVersion=1.8.3&mboxCount=1&mboxTime=1698790319192&mboxHost=us.norton.com&mboxURL=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&Promocode=&profile.TCG=10&vendor_type=none&program_type=unknown&site_country=us&site_section=norton.com&content_title=norton-email-scams&site_language=en&traffic_source=direct&ExistingCustomer=existing_customer%3A%20No&site_sub_section=blog&profile.promocode=&current_subchannel=&site_content_title=norton-email-scams&original_subchannel=&profile.vendor_type=none&profile.program_type=unknown&profile.site_country=us&site_sub_sub_section=emerging-threats&%20profile.site_section=norton.com&profile.site_language=en&profile.%20traffic_source=direct&profile.ExistingCustomer=existing_customer%3A%20No&profile.%20site_sub_section=blog&profile.current_subchannel=&profile.site_content_title=norton-email-scams&profile.original_subchannel=&mboxMCSDID=59190AEB9C6BA1FB-7B7A7209EE1D80C2&mboxMCGVID=71820229737489884403862603042463894568&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.152 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-152.data.adobedc.net

Software

jag /

Resource Hash

b6b060185ee93dfd3c9523749a728aef3e8f9a43429f685b0e25d28d3d6dd4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
x-xss-protection: 1; mode=block
x-request-id: 3dc434705f1a4393b112fdc1a0a0c805
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 serverComponent.php Show response
ensighten.norton.com/symantec/aemprod/ 969 B
774 B 40ms
39ms Script
text/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/symantec/aemprod/code/&publishedOn=Tue%20Oct%2031%2019:24:48%20GMT%202023&ClientID=21&PageID=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3F_COUNTRY%3Dus%26_LANGUAGE%3Den%26_TRAFFIC_SOURCE%3Ddirect%26_PGM_ID%3Dmissing%26_PGM_TYPE%3Dunknown%26_IPF%3Dmissing%26_IPD%3Dmissing%26_PSN%3Dmissing%26_SUBCHANNEL%3Dmissing%26_ORIG_SUB%3Dmissing%26_PIFCAM%3Dmissing%26_I_SKU%3Dmissing%26_DEX%3Dmissing%26_INID%3Dmissing%26_IPV%3Dmissing%26_IPC%3Dmissing%26_IUC%3Dmissing%26_IPL%3Dmissing%26_ENP%3Dmissing%26_SKT%3Dmissing%26_ITD%3Dmissing%26now_site_country%3Dus%26now_site_language%3Den%26now_site_content_title%3Dnorton-email-scams%26now_site_sub_section%3Dblog%26now_site_section%3Dnorton.com%26now_trafficsource_cookie_name%3Ddirect%26now_program_type%3Dunknown%26now_current_subchannel%3Dmissing%26now_original_subchannel%3Dmissing%26product_name%3Dnorton-email-scams%26vendor_type%3Dnone%26isMobile%3Dfalse%26viewCampaigns%3Dmissing%26path%3D%2Fblog%2Femerging-threats%2Fnorton-email-scams%26siteCode%3Dnortoncom&custDomain=ensighten.norton.com
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: e5482be7e320309879a70151d1b8f140fbe425123b4578b6c6ebc4114fc333e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4mVkyiTOa_Qte6Mq7P998Mpjd-6x_NdTNAUDnIGFJlT5eQFY743jKw==
expires: Tue, 31 Oct 2023 21:11:58 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 285ms
47ms XHR
application/json 2a02:26f0:2c:28c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=MDDJR-3RVW8-S3M46-HL4QS-RLVQ4&d=us.norton.com&t=5662622&v=1.766.70&sl=0&si=27157692-0aa6-4c62-80db-0923dab59cb0-s3ew7z&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,LOGN&acao=&ak.ai=181220
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2c:28c::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5eac2739e5d9493ae5b707318c53fa95656f0fe8bc0a3adec308a1404a62bf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:11:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1104

GET
H2 200 8f1dd496722b3a6c706ff460131abcbb.js Show response
ensighten.norton.com/symantec/aemprod/code/ 6 KB
3 KB 21ms
18ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/8f1dd496722b3a6c706ff460131abcbb.js?conditionId0=649166
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 6382bce54e2b1f583841046c9ab00b9de06412061f1512bc0896288edc4725af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: iw7OEp2OUT7RErnvuhmYudv68LWoMUZQ
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1338119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 16:23:39 GMT
server: CloudFront
etag: W/"137159d4d38cda0ea759f45ddf9bda86"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: OJA-DGoKxuJHF8K2u5B1rDzUJvjLDzZjUfVMQ_tsA6tiWPwInX6YNg==

GET
H2 200 ec846810a059d195479e14b9713d4f92.js Show response
ensighten.norton.com/symantec/aemprod/code/ 14 KB
3 KB 21ms
18ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/ec846810a059d195479e14b9713d4f92.js?conditionId0=423130
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: f81bb666cdf7001d0a30371d83d4533dd593f85ea01bbb959c812c8b6974e6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: 4lZc4OSDqm7Pfrliarb6jG7q80gccHH6
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2987146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Aug 2023 18:21:36 GMT
server: CloudFront
etag: W/"149c0e45b422080c50c2e68e4a3d9a12"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: RHq83BJadgAJSASDa5sKRRRyHtZTecHpR-4HYIFYjnqZnP4_EePCeQ==

GET
H2 200 e94fb9d7d7096377224ea020f78c342f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 14 KB
5 KB 22ms
19ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/e94fb9d7d7096377224ea020f78c342f.js?conditionId0=473910
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 26821fcabd9f233365066ecaf07ef42395c30f78a4bdcca9ea952b9898d22cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: gmomsZ5ABKjUsGWR6BSzO51c2kzh_.2K
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1737147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 18:36:58 GMT
server: CloudFront
etag: W/"208ffcec04d49ba5a1dfc852d543eb6c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: VAjW8wPMU04NZ9uki9ivZgjfbIvzga8lkXT0SUoUwGs2zgpE1AjeHg==

GET
H2 200 9beaf61b24aa947cd8ab213ab003c61f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 313 B
793 B 29ms
27ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/9beaf61b24aa947cd8ab213ab003c61f.js?conditionId0=4937810
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 600afc538fb911c606f046d5ce513b92921c9244ca334532a910ba7de00dd8f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: HXHHoo9wdwE88UtLjFh3DaW.LBScHeYL
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 17534032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 313
last-modified: Mon, 24 Oct 2022 23:07:03 GMT
server: CloudFront
etag: "71e16cc8772bd99bfea33e6920bfb4b2"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: MALJlw40C9jdmXHCzVt0H9Y94Alq7Tjl35ynqFFRgIlqaPsx8bnwsA==

GET
H2 200 6e246484d45c474a8c87c8b7ef93038f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 494 B
972 B 30ms
28ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/6e246484d45c474a8c87c8b7ef93038f.js?conditionId0=1790211
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: b_0SKib55B_l2DwzAU24FYCOeclclPrK
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 16774223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 494
last-modified: Thu, 20 Apr 2023 17:37:42 GMT
server: CloudFront
etag: "cb62e7ae6a1179ef4e8fc2dc6b1059c6"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: UvpmBvAFBARiy1jtxqUIcGiQC5tUHp2SEMJ6GREp-A4n0gskDO2lzQ==

GET
H2 200 d65817e25ccaa928ce871977d19a6f0d.js Show response
ensighten.norton.com/symantec/aemprod/code/ 4 KB
2 KB 30ms
29ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/d65817e25ccaa928ce871977d19a6f0d.js?conditionId0=4940767
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 66c4aac8d7531a43e502e364d2ff267a560cd3565dc76154fbbe8718f63dee87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
x-amz-version-id: NNLwg5s.hVMHR1hZTr0b.8xBsJP2_x7O
content-encoding: gzip
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 4594524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Sep 2023 16:51:01 GMT
server: CloudFront
etag: W/"70ea7929a756549133239862b6f67810"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 7r2Z5zTBQISgDt7pZASwBTVvIJfaT90NhJ2EB3abAJM8E6sGIxcnpQ==

GET
H2 200 s57219462284092
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
372 B 154ms
21ms Image
image/gif 63.140.62.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s57219462284092?AQB=1&ndh=1&pf=1&t=31%2F9%2F2023%2022%3A11%3A59%202%20-60&sdid=59190AEB9C6BA1FB-7B7A7209EE1D80C2&mid=71820229737489884403862603042463894568&aamlh=6&ce=UTF-8&pageName=norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams&g=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&server=norton&events=event79%3D4%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&v5=none&c8=D%3Dv163&c14=D%3Dv16&v16=norton%3Adirect&v18=norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=norton.com&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202023-10-05&c48=norton-email-scams&v48=D%3Dc49&c49=blog&v49=D%3Dc48&v57=71820229737489884403862603042463894568&v58=emerging-threats&c59=norton.com%3Ablog%3Aemerging-threats%3Anorton-email-scams&v59=D%3Dc59&v66=unknown&v72=norton.com&c75=D%3Dv57&v90=existing_customer%3A%20No&v96=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-108.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 21:11:59 GMT
server: jag
etag: 3648116702180868096-4617828223330250952
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 30 Oct 2023 21:11:59 GMT

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 344 KB
93 KB 65ms
19ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: HIT
content-encoding: br
age: 93
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"169342180800116986872540001691740804464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 81eee4c5ee7a1e20-FRA

GET
H2 200 8d08b1cf12b6dedd46c680b7d1eca911.js Show response
spider.australiarevival.com/i/ 100 KB
37 KB 68ms
13ms Script
text/javascript 2600:9000:206f:a800:1:996f:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spider.australiarevival.com/i/8d08b1cf12b6dedd46c680b7d1eca911.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:1:996f:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 5126774b4a2eb1a7dda54f6620b773bdf61af175bab81dc7210cd3ac1611b32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:38:00 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 20039
etag: "18e58-MgifBPpdKrDl5THj13NNaV+/ogM"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37255
x-amz-cf-id: xoOJorKqvPvMbG4u8-4k2e4g5Io68YtUtC08ATmhW7qmo5k8vhXUKw==
expires: Wed, 01 Nov 2023 03:38:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 50ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2M8MHYEY8X

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02172324238a136c074ee440cdcf6ab7a574914ca84bd6c3872496131f6c2cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:11:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:11:59 GMT

GET
H2 204 sst
ensighten.norton.com/pc/symantec/ 0
318 B 529ms
527ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/pc/symantec/sst?sstVersion=1.0.0&sstData=%7B%22virtualBrowser%22%3A%7B%22page%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%22%2C%22language%22%3A%22en-US%2Cen%22%2C%22screenDepth%22%3A24%2C%22height%22%3A1200%2C%22width%22%3A1600%2C%22title%22%3A%22Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton%22%2C%22timezone%22%3A%22Europe%2FBerlin%22%2C%22screenHeight%22%3A1200%2C%22screenWidth%22%3A1600%7D%2C%22events%22%3A%5B%7B%22name%22%3A%22facebook_conversions_api_integration%22%2C%22data%22%3A%7B%22pixel_id%22%3A%222010787619164716%22%2C%22event_data%22%3A%7B%22event_name%22%3A%22PageView%22%2C%22data_processing_options%22%3A%5B%22LDU%22%5D%2C%22data_processing_options_country%22%3A0%2C%22data_processing_options_state%22%3A0%2C%22event_id%22%3A%222232ac3a-59c3-4da5-bf40-d12869eb8505%22%2C%22user_data%22%3A%7B%7D%7D%7D%7D%5D%7D
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-ens-event-id: 8ea6a9f6-556b-47ca-81fd-8418b5de632f
x-offsite-uuid: 95f28aea-8e87-498c-9701-ce871888cb41
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 46ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 21:11:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6PSR50IZghf4UufDoNnNlqCOdnoBXBYwdiF8vdgMX1sYy3yhFoqHOdfb9Sd+hTjuI53gToT/1QnbOA6Xdi1aSA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ct Show response
bite.australiarevival.com/ 4 KB
1 KB 396ms
119ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/ct?id=34870&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&sf=0&tpi=&ch=Norton&uvid=&tsf=0&tsfmi=&tsfu=&cb=1698786719914&hl=2&op=0&ag=2822802273&rand=045852615075596609791609069115067357064726009903109610881712039118862882568518987950&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDg5MDldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMTAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNiwwLDAsMCwwLDAsMCwwLDIsMCJdLFstMSwiLSJdLFstMiwiNixlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltcInNlbmRCZWFjb25cIiwwLDEsMSwxXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTAwMDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjcsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjk4Nzg2NzE5ODYzLC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSw1NiwwLDEsMCwwLDMxLDQwLC0xLDAsOTE3LjIsOTE3LjIsOTkzLDk5NCJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzLGZhbHNlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzFcIixcIjMyOTk5MTM2OVwiLFwiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXCJfMVwiLFwiMjExNTk3NjQ5NlwiXSxcImJcIjpbXCJfMVwiLFwiMTQ4NTE1OTQ4M1wiLFwiXzBcIixcIjM3NTk2NzYwNDhcIixcIjE2MjcyMjUwNjBcIixcIjU4Mjc1NTQyM1wiLFwiMjIyNjMxMjgwM1wiLFwiNjMwMjUwODk5XCIsXCI3MjI2OTg0NjBcIixcIjQxNTY4NzQ1MThcIixcIjE4OTYxMDUxMzhcIixcIjgxOTU5NjE4XCJdLFwic1wiOjF9Il0sWy01NSwiMSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRjWEJrUlVVMU5TVW9ERmhaS1NWQmRYRXNYV0V4S1RVdFlWVkJZUzF4UFVFOVlWUmRhVmxRV1VCWUJYUWtCV3doYVh3Z0xXdzlkWEYxZERROWFEd0VKV3c1ZENGeGFXQUFJQ0JkVFNnTUlBdzhQQ1E4QUVCVllUUmxORjF4QlNWWkxUVW9aRVZGTlRVbEtBeFlXU2tsUVhWeExGMWhNU2sxTFdGVlFXRXRjVDFCUFdGVVhXbFpVRmxBV0FWMEpBVnNJV2w4SUMxc1BYVnhkWFEwUFdnPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjE0XSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixsb2NhbGZvbnRzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSx3aW5kb3dwbGFjZW1lbnQsY2h1YW1vYmlsZSxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNjcsIjI1MzIzMTI4ODg6MjgiXSxbImRkYiIsIjAsNiwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDAsMCwwLDAsMiw3LDAsMSwwLDIsMCwwLDAsMCwwLDAsMCwxLDAsMCw2LDAsMCwwLDAsMCwwLDI4Il0sWyJibmNoIiw4OF0sWyJhYm5jaCIsODldXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=C3uDWPAblU&pto=1046&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1698786719.C12diflIBVgySSnm&suid=1.1698786719.5b35n8xmlVOSpsWj&tuid=1.1698786719.8jEK1NVcLAgXDZ9Q&fbc=-&gtm=W10%3D&it=75%2C757%2C79&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: eb33a7c8f4c9da8242d9db3777aa857f3c48632f9d5c6a6f787bd27ecd28f767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1287
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2010787619164716 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 180ms
180ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2010787619164716?v=2.9.135&r=stable&domain=us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c78f8cbd3b5cf256345ddc05026461523459611ccd8e50e567757d645c6c073

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: zbaHDgIrheecE8eh6lgf5Q9vh6jsecO2ffuKUOr7+lkGqGAv4LlHdjhMkrVxxhzVCPF39x8wxK15eBgbVys2PQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 collect
region1.google-analytics.com/g/ 0
210 B 38ms
15ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2M8MHYEY8X&gtm=45je3ap0v9132306556&_p=1322998988&gcd=11l1l1l1l1&cid=1276752246.1698786720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698786720&sct=1&seg=0&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=PageView&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1698786720200&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1698786720195.2056847088&cs_est=true&ler=empty&it=1698786719996&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2232ac3a-59c3-4da5-bf40-d12869eb8505&tm=1&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 2053905694837980 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 160ms
160ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2053905694837980?v=2.9.135&r=stable&domain=us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83035b8d4a15dab906855580e43e1bee34ee5a7d32a0197c787ab3e0814a00fa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 4/hFXe/1shCpcWbH7jlEJu3CHc6fLyCe9A/CrKsdo7lpetfY/gb3zhEfI0c0HSEMjDb+1aqYrQ6E5Vzr5UwluA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 63ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 31 Oct 2023 21:12:00 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC89A8E8B7DD4923816FD0D05674332A Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de306af9d6e26cefb1a6d367b86302567b4174cc361a3ed0321039d53d14a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

979d9c53b83a6faef55e6f10516b72b9b191a74fa80b8118d12d689ff7b4f3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1698786720351&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.1.1698786720195.2056847088&ler=empty&it=1698786719996&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tc_imp.gif
bite.australiarevival.com/tracker/ 43 B
79 B 106ms
106ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363e6c03dec40889d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d15856a2717071a10acf9f29f6748d0d089552b3e13f8707503d1388c67c3013854239704535c61575cc5b8394f77be26bb25cb43e2916af05365ac097c7a1bda53e917f497d7df3dbb2807ff7ecaa8556d8e0e3143714493d60265f560b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49c8677a0d8d753e8489d593972aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dfac41064bfdefe208c00aa47e4d519ca4bc3cb2c906a3594cc738931c583b9f09df3f1477fe425b2b9fb2f4d26f9913f82be50eb0102419457459a959284cdf19526c5269c9fb88735ee727631c97f24938494452bd5a765a111e0905b873aa370525d59c079b802dfcca030a9863bc80da7c19cdd60ce011723bd4e13506f447287f432e51e9a8c8664fdde43dad0629a82a9a62ec1f0f05c2626dea71e54dcb30e4a12f3fca26cb62886f80fb7f224a002ff73d10c8a06cbba62965c7eb3ffd63f6061720938554e0bb8b6dd1f8e5be21b0a3a7deabe5dc28a041ea8eaace6e5399ca99da894f2bdec59532eb91b94bc32738a43651acb60416c6af77db36b1acae8dd608866cb2688a230d0bb0598671222270b600e9ac0e5c7217d559e045896d5d9a7adcc530782adbc7d96cf7367c5d3123c69fa8dc45721b7278343821be33f9b15c7d512f8ba32ea8795d3984761effc26628276a58cacb6179c6c37141989694350b5a54392ed14ca9d9cd449cc8787360e5a5bac69ee5cfe47b8936888334528493d7579e65b879f4054bb3b99f1a94caba91ac51710f14c6e308dab94530efc7be78f0edb0138084db43d2b83a6c96d99543bc48d5bfc83bb80e302993a0f3009e033600bc882064ebb22e6f8c82588dbea095c75bc627a7d7fce6936b5e59f4f79e40878b2859b538b94ecdd5349d72ca9452e0fde442363c7845505daaabc85b3f64abe64c43b827c9ed110ceece43963bac452c89dbdbbd8e19690655086e73947db62d0189700a4b877b4dd929622e394dff9e75424d7b2a4ec499f11d40e0a704b2bb3d04b6a8336b1048bdd24a74179be2e0b83&cri=C3uDWPAblU&ts=443&cb=1698786720357
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK f87242cc-7968-46b4-9b2b-3dc4a758b12d
https://us.norton.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/f87242cc-7968-46b4-9b2b-3dc4a758b12d
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b68303c7f73e7520fb90673f4bc044f094d455203a4fde2a7c665ecd0979343

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 138484ba-defa-4132-9e7e-23a9776d8b5d
https://us.norton.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/138484ba-defa-4132-9e7e-23a9776d8b5d
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47ab57d11d21e48186e843a451c9bf00461d50800b7afc2b8e32f5e0e3d62d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
2 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1698786720404&cv=11&fst=1698786720404&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d692a7ce9da419498da008ee03bfffbf7be905c66b87a8f18bdc2398e57a1497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 57ms
20ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1698786720417&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

281a56b7545d2f7b1730c9e95d86832077f87db0a9dc181bfbb743803a2d2e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1634
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187010577.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187010577.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 31 Oct 2023 21:12:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A14F07541E654E6DBE3E426E170EAFA2 Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
229 B 79ms
79ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=92dd6604-869b-4b6b-8694-4edbb9d8e7d5&sid=21b57250783211eeb8d95b8b91ce7725&vid=21b5b870783211ee969963d88e1752df&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&r=&lt=404&evt=pageLoad&sv=1&rn=198502

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 21:12:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2214AA13B3BD4631A31A90E5DF0D98E4 Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=92dd6604-869b-4b6b-8694-4edbb9d8e7d5&sid=21b57250783211eeb8d95b8b91ce7725&vid=21b5b870783211ee969963d88e1752df&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&sw=1600&sh=1200&sc=24&evt=custom&rn=284201

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 21:12:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF89692983F8436FB22A88CA41F97B78 Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
455 B 42ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1698786720404&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2866167776&rmt_tld=0&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
455 B 44ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1698786720404&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2866167776&rmt_tld=1&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=120...
https://www.google.com/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fu...
https://www.google.de/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus...

42 B
108 B

24ms
24ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzeXBWMGpsa0h5aEFnRWRyUENrb19kQVVrVW15aHlwTXdIanN0X2d1aGtiMndoanVQRE42bldhMkEiEwjg8ZbYmaGCAxX7iv0HHdC2AFs&is_vtc=1&ocp_id=oG1BZeChHPuV9u8P0O2C2AU&cid=CAQSKQDICaaNJL1aci0AXd-K_IKdTRe4Rp1SJ5OlvajIrP2emDB_ydv21dhf&random=390011909&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=79600172&cv=11&fst=1698786720417&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzeXBWMGpsa0h5aEFnRWRyUENrb19kQVVrVW15aHlwTXdIanN0X2d1aGtiMndoanVQRE42bldhMkEiEwjg8ZbYmaGCAxX7iv0HHdC2AFs&is_vtc=1&ocp_id=oG1BZeChHPuV9u8P0O2C2AU&cid=CAQSKQDICaaNJL1aci0AXd-K_IKdTRe4Rp1SJ5OlvajIrP2emDB_ydv21dhf&random=390011909&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1698786720538&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmensighten&ec=2&o=29&fbp=fb.1.1698786720195.2056847088&ler=empty&it=1698786719996&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 109ms
109ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2053905694837980&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1698786720538&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmensighten&ec=0&o=30&fbp=fb.1.1698786720195.2056847088&ler=empty&it=1698786719996&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76f7f35bce1403244a18856e96a20eb2ecd911b3dcbffe74bced147627933f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js Show response
d.impactradius-event.com/ 43 KB
14 KB 50ms
8ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 73b85df6290b6add489d085d46527c813406b86d246a352697fdf53f7752be60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:08:45 GMT
content-encoding: gzip
age: 195
x-guploader-uploadid: ABPtcPoaIY4FkYVVbw8pxRiO7taZdEh5SaifbF86KplPmTJbAOAK7zQmwrGH6jDM-pAng_hw03S-QcvMxLknAIyqHjA8NJNCNefs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13991
last-modified: Mon, 14 Aug 2023 21:00:02 GMT
server: UploadServer
etag: "a7f282480e61c9405089a5575a446f1f"
vary: Accept-Encoding
x-goog-generation: 1692046801997747
x-goog-hash: crc32c=Ema+bQ==, md5=p/KCSA5hyUBQiaVXWkRvHw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13991
accept-ranges: bytes
expires: Tue, 31 Oct 2023 21:13:45 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 32ms
4ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230101-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069927954

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0454717d3e5c1927082971c8568627c39dcc6302da205cb1e7558829f539c105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 53ms
14ms Script
application/x-javascript 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9efdb512753e09f3cd002e176a575c7645ad6ff46abaabc8a84756d5086fb4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Oct 2023 12:20:04 GMT
Server: AkamaiNetStorage
ETag: "c00c77cee24d88ec6790fb3e14d64412:1698754928.095827"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7704
Expires: Tue, 31 Oct 2023 21:32:00 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 95ms
24ms Script
application/javascript 2a02:26f0:780::210:a441
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a441 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:00 GMT
Content-Encoding: gzip
x-amz-request-id: YNGC7PCXVN28Z00Q
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3479
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Tue, 31 Oct 2023 22:09:59 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 44ms
8ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:33:01 GMT
content-encoding: gzip
age: 2339
x-guploader-uploadid: ABPtcPr3k0H-X2RcqaO-gXmdsEcZPFf6fUsVwaRde_xBRLlWabbHxT5MFNZcgz_urjT8tGk8Bb8pUOqwGqXm3b97F9PQtMuZqcIW
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Tue, 31 Oct 2023 21:33:01 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 97ms
53ms Script
application/javascript 3.162.38.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.38.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-38-245.cdg52.r.cloudfront.net
Software: CloudFront /
Resource Hash: abcdba8205ffaf2f171d12f5468464dfc16a51988b01197728ecf8e83caeb7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
via: 1.1 3ebbe9acf1a1455083ed9b89077979dc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG52-P6
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16941
x-amz-cf-id: Bv6QKVPJeerLp-TJ8cp2NwtCSin5u1gvyyCOulL7glyhzizcvPdKZQ==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 21ms
20ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1698786720654&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

f3575aa300b6e7d7fe1ca7f50e5c39a44dec7445b5681cdc116a74e91402121c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 16 KB
7 KB 44ms
12ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?t=xo&id=norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

740aa6291fd74459f0ad0c2256a71eee68079130896c7b1554ff86501789ed37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-D0owXiD932G6i6WwKxBjyQIhKuvfyudlb9FL9oZ09W+DsIiz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-D0owXiD932G6i6WwKxBjyQIhKuvfyudlb9FL9oZ09W+DsIiz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 21:12:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 74632
x-cache: HIT, MISS
paypal-debug-id: f73049763b483
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 5113
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220048-FRA, cache-fra-etou8220048-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f73049763b483-8f1853b4d2db1190-01
x-timer: S1698786721.692327,VS0,VE4
etag: W/"3e34-DsB0adCw+Ecad5rHYYKTSgmpM4s"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8136487&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee250a51e2e6b62b7d5eabb96a8e285ccbdf4d439a09e827992f56ccfb55a99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 52ms
7ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 37ms
7ms Script
application/javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 08:37:21 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=41178
accept-ranges: bytes
content-length: 3840

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 45ms
10ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:10:40 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZRJ1XBPF4ZF1NFCR
age: 81
x-amz-server-side-encryption: AES256
x-amz-id-2: cyfz+eUON1tlYuqn50uhRiRJ3Ds/DcVabK/eXxACTiNEraWYBwUpm/32oybOGUIyVnBRnqXfhpKHhNsrVrOiWw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 145ms
107ms Script
application/javascript 2.19.120.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4JSARJR2Q3OG0JAETF0&lib=ttq
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.33 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ea2ba4e7b076f693cf3f381554004f55c461d32ef4e12cdef7c0b68115900b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-akamai-request-id: 50a178e9.20373d63
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-parent-response-time: 94,2.19.119.33
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=10, inner; dur=4
content-length: 1736
pragma: no-cache
server: nginx
x-tt-logid: 202310312112003BF2F8B087AA4AA5E077
x-cache-remote: TCP_MISS from a23-39-229-86.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.39.229.86
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c2107f4cc0daa6be7d68d10bf9310710ea83f73c68edc1c0bbdb1dfeb498d724a8a99a4c9ef5c9d40c3e349ca00208ab31d3af7b1a632d589af9bfc2655f1354c98627f9ae9fb0154af01888aefb287f20d17021eb10ff1c9e224b312051f6e58b40
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/2004/ 66 KB
15 KB 49ms
8ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/2004/i.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: fcac8e16b8ebf8cb73c0f1ff1a72b70ee8f750b7bd7d33ce70ad538531b74077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:10:06 GMT
content-encoding: gzip
via: 1.1 google
age: 114
x-envoy-upstream-service-time: 2
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14909
server: istio-envoy
etag: 72d35600b11d39
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 57ms
17ms Script
text/plain 162.159.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5K5D5V73ZS7WKF9W
age: 1217538
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rw0f1miPAMCLlNAO41NiXIRuuLKXZuQCNTA6SepXUCb3S+LfhrErBvxaTYcGMSrXwelERz9adhJO2n34oVD9jaIq1o7rqDunDM4RI5qBYWU=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 81eee4ccaa359143-FRA
expires: Wed, 01 Nov 2023 01:12:00 GMT

GET
H2 200 ktag.min.js Show response
www.knotch-cdn.com/ktag/latest/ 84 KB
25 KB 114ms
38ms Script
application/javascript 2600:9000:269a:5200:12:1bcc:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:269a:5200:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1a0f115cf3ee9effbcf28741f2c9c5d535644f6f20167067d3e87686ad27d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:41:38 GMT
content-encoding: gzip
via: 1.1 e1cead047a37b0f2ae0a79d00bd71fcc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MRS52-P5
age: 48627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 07 Sep 2023 13:36:13 GMT
server: AmazonS3
etag: W/"16d78e542af113147515d9ab7f5da3e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: -SUjJYzC86g1m3C97lZJ3duQnLO44cmFy78mk4T0bh_UYJ5pJZucGw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 31ms
9ms Script
application/javascript 2a02:26f0:3500:884::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:884::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "66ed613455bccaf1999994a009075941"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1792

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 783ms
370ms Script
application/javascript 52.10.82.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.10.82.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-82-74.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
last-modified: Thu, 26 Oct 2023 16:23:00 GMT
server: nginx/1.20.1
etag: "653a9264-492f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18735

GET
H2 200 ae8f1a90-7a0c-0139-4083-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 0
447 B 59ms
17ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ae8f1a90-7a0c-0139-4083-06abc14c0bc6
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
x-request-id: F5NNhZ_cR-46OQko0HFD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 evtnc.js Show response
tag.havasedge.com/js/ 23 KB
23 KB 75ms
17ms Script
application/javascript 13.249.9.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evtnc.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-8.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:22:09 GMT
via: 1.1 0427e61e9a445e92793b25f38fbdcb74.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 23:02:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
age: 2991
x-amz-server-side-encryption: AES256
etag: "bb282c181bffec3889d3030dd6e067ea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 23382
x-amz-cf-id: -olOnSFnDHY7Qmo6bbgWUwsqO6fHGZbqqP_T-0EinTYyIiEXKfjZ_A==

GET /
lifelock.norton.com/ Frame 7B56 0
0

GET
H2 200 EG94020756 Show response
enable-eg-ot.egainonetag.com/onetag/ Frame 7B56 18 KB
18 KB 144ms
31ms Script
text/javascript 34.254.6.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://enable-eg-ot.egainonetag.com/onetag/EG94020756
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/d65817e25ccaa928ce871977d19a6f0d.js?conditionId0=4940767
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.6.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-6-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e85cfa2b997618fa9592dbd38e35e59b0d80e157ab4f13faa193c86b201d9ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: max-age=86400
server
expires: Wed, 01 Nov 2023 21:12:00 GMT

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 903ms
197ms Image
image/png 35.85.73.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?t=1698786720653&l=tvscientific-pix-o-eb001251-d952-4b93-b92d-f7ac10d97dab&u3=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.85.73.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-73-196.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2

200

src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

51ms
50ms

Image
image/gif

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CJHA2diZoYIDFc_lmgod8pkDGg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TC-3086-2.gif
pt.ispot.tv/v2/ 43 B
314 B 48ms
12ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3086-2.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170&ip=80.255.10.203&cuidchk=1

42 B
780 B

611ms
611ms

Image
image/gif

54.163.224.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170&ip=80.255.10.203&cuidchk=1

Protocol

HTTP/1.1

Server

54.163.224.65 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-224-65.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 21:12:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Tue, 31 Oct 2023 21:12:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=996784170&ip=80.255.10.203&cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
617 B 60ms
36ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&event=pageVisit&productName=norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 5514089091306466
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 16ms
11ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=0&c=21&i=8drwuj&p=aemprod&s=330&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjk4Nzg2NzIwNjcxXwDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMA3ODY3MjA2NzF9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:11:59 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/c/ 0
106 B 10ms
8ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/c/r.rnc?n=0&c=21&i=5kfnit&p=aemprod&s=428&d=9CV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxDgDwHk5hbWUiOiJzeW1hbnRlYyIsInB1Ymxpc2hQYXRoIjoiYWVtcHJvZCIsIm1vZCoAkHdoaXRlbGlzdFEA8CNvb2tpZXMiOnsiU1lNQU5URUNfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKMA8Q8ifSwiZHQiOjE2OTg3ODY3MjA2ODUsInNldHRpbmdPAPEnbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJVUyBOb3J0b24iLCJkZWZhdWx0OwDxH1NvY2lhbCBNZWRpYSI6MSwiUGVyZm9ybWFuY2UgYW5kIEZ1bmN0aW9uYWxpdHkiALJBZHZlcnRpc2luZxAA8ARuYWx5dGljcyI6MX19LCJldmVuXQAiW3sLAEEiOiJj-wBgQ2hhbmdlHgEM0AA1Niwi-ADAQURFRCI6IjEifV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:11:59 GMT

GET
H2 200 seo Show response
buy.norton.com/redirector/ 43 B
625 B 117ms
53ms Script
text/javascript 23.196.247.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=cartFn1698786720687

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.247.136 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-247-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

f87faa12661708c790d6dfa38330af63026f082877775e724d3a6068fee65761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 21:12:00 GMT
requestid: 103932631ab73000
content-type: text/javascript;charset=utf-8
x-oneagent-js-injection: true
cache-control: max-age=0, no-cache, no-store
server-timing: dtRpid;desc="610809589", dtSInfo;desc="0"
content-length: 43
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 19:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4938
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 31 Oct 2023 21:49:42 GMT

GET
H2 204 5441611.js Show response
bat.bing.com/p/action/ 0
118 B 33ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5441611.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 31 Oct 2023 21:12:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94C2B96F217845B98B39C2D0AF6B347B Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=7b844d28-7aaa-42e0-b8f0-5cf06e3cd1fa&sid=21b57250783211eeb8d95b8b91ce7725&vid=21b5b870783211ee969963d88e1752df&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&r=&lt=1817&evt=pageLoad&sv=1&rn=509863

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 21:12:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DBEC7A13C8F43629D39E60A94E65BEA Ref B: FRA31EDGE0111 Ref C: 2023-10-31T21:12:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 196ms
166ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3acffdcb-c025-475c-ba85-3218f5e08f49&fltp=analytics&mrid=DC854CZKCW2SE&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&flag_consume=yes&pt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1698786720716&g=-60&completeurl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&disableSetCookie=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 31 Oct 2023 21:12:01 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 68835e0816ebe
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
correlation-id: 68835e0816ebe
traceparent: 00-000000000000000000068835e0816ebe-3ec3be54a8fb5f2a-01
x-timer: S1698786721.857477,VS0,VE152
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 11548.json Show response
s.yimg.com/wi/config/ 43 B
676 B 23ms
8ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/11548.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 18:14:04 GMT
x-amz-version-id: l29Z3T5PcvH24RoS2EPqWm7MHKI.YnqT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QC7ZF242JVB4YE0S
age: 10677
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: 3bsGzCCvFPG1ga6WCpC1BvA30fn4L4Uv2LlZWLwxeAnPdsJtQXrkY+92NaI7LU2QdDwjybCZ+c8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 08 Jan 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 03 Dec 2022 09:55:45 GMT
server: ATS
etag: "ee67895e23e55fb16238fcc20064cdd0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 91ms
91ms Ping
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0005899440234181874&referrer=&marketerId=001f961bd9b051a2818b4058353fda92bf&name=PAGE_VIEW&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:01 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 6cacabaa9319021fbbbe564d0031349a
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 476ms
188ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=001f961bd9b051a2818b4058353fda92bf
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:01 GMT
content-encoding: br
X-TraceId: cfe93ff15fa3feeb70b891083da41273
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 001f961bd9b051a2818b4058353fda92bf Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 41ms
15ms Script
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/001f961bd9b051a2818b4058353fda92bf
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:00 GMT
Content-Encoding: gzip
ob-sent-time: 1698750019687
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 2f66576980e47f79adf27a9cda1dd068
Content-Length: 22
Expires: Tue, 31 Oct 2023 21:13:00 GMT

POST
H2 200 4405 Show response
norton.ow5a.net/xur/ 119 B
1003 B 112ms
31ms XHR
application/json 52.30.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://norton.ow5a.net/xur/4405
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.155.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-155-104.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 26733cd2376f723c6cae20ddf89d1262ed53e5441aeffb9e6782851b30d7733d

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://us.norton.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 31 Oct 2023 21:11:29 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=12...
https://www.google.com/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2F...
https://www.google.de/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fu...

42 B
64 B

23ms
23ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzd19zV0VfWC0yeHh1U0RVWUNfVWJrdTRzaWt0YzRxSUpyR0FDZF8wZHR1Ynd1enlvdkFudTJIVmciEwiCk6PYmaGCAxXj57sIHUgdBAw&is_vtc=1&ocp_id=oG1BZYLDKOPP7_UPyLqQYA&cid=CAQSKQDICaaNswYKc_gF_Y2_mWDw68oJFEoUvDZkprqCxfzCkpZ-lwZV38yz&random=1377973724&ipr=y

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=642621891&cv=11&fst=1698786720654&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE11Q3FnWVE0b3p6M2VhLWxJX3FBUkltQURxRFdFeFNjVU5XNUFldUE5aUJrMTJsMnFMdHF1bDg2bndIQ3dCNXJNQmc5U0J4SGVNGlpDaEVJOE11Q3FnWVF2ZnVYa2E3MTdhM21BUkl1QUpSTTYzd19zV0VfWC0yeHh1U0RVWUNfVWJrdTRzaWt0YzRxSUpyR0FDZF8wZHR1Ynd1enlvdkFudTJIVmciEwiCk6PYmaGCAxXj57sIHUgdBAw&is_vtc=1&ocp_id=oG1BZYLDKOPP7_UPyLqQYA&cid=CAQSKQDICaaNswYKc_gF_Y2_mWDw68oJFEoUvDZkprqCxfzCkpZ-lwZV38yz&random=1377973724&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=59032
accept-ranges: bytes
content-length: 3272

GET
H2 200 adsct
t.co/i/ 43 B
205 B 212ms
184ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=29535914-d6e9-444c-89f2-f7f04eb41cd1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=924cb01e-2bae-45df-8a57-e6d0bfd04e5c&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 177
date: Tue, 31 Oct 2023 21:12:00 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 395328838bf3d820
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 20bc0b08b9845e93052ef88033e76fb9bf754a5d58a37e2e4041cb64788fcf58
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 134ms
112ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=29535914-d6e9-444c-89f2-f7f04eb41cd1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=924cb01e-2bae-45df-8a57-e6d0bfd04e5c&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 31 Oct 2023 21:11:59 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 007188e02854b6a5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3fd4f8b06849d404b1fedf5253af15e8da79abecdca290dc86138e569861fcde
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
377 B 110ms
110ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=85974b21-441f-435a-8368-7583c065f62b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=924cb01e-2bae-45df-8a57-e6d0bfd04e5c&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 102
date: Tue, 31 Oct 2023 21:12:00 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: be6e8d3fb2b51dc2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 20bc0b08b9845e93052ef88033e76fb9bf754a5d58a37e2e4041cb64788fcf58
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
238 B 124ms
124ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=85974b21-441f-435a-8368-7583c065f62b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=924cb01e-2bae-45df-8a57-e6d0bfd04e5c&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 117
date: Tue, 31 Oct 2023 21:12:00 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3fb275c88c10ce37
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3fd4f8b06849d404b1fedf5253af15e8da79abecdca290dc86138e569861fcde
content-length: 43

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 41ms
8ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1698786720749&id=t2_cxz0s4qa&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=6ab2c2e4-19d3-4917-bf7b-acbe0d57b255&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=unde... Show response
8136487.fls.doubleclick.net/ Frame 42BF
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=un...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direc...

581 B
446 B

55ms
54ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8136487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e4f31011d023513685356b3713056205f8d9151209f120ab0734236e716e148c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 21:12:00 GMT
expires: Tue, 31 Oct 2023 21:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 21:12:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1698786720770&cv=11&fst=1698786720770&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde08c42463f0916837a604177ea70e2c6f7d74f8f7333ac0d47391c07d653dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1698786720793&cv=11&fst=1698786720793&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af53b000162c418bd34308bca5c49bf476341d22385bb138a97571998447ce59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1698786720809&cv=11&fst=1698786720809&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0276a3875301a4ffd3c0de90620c0cc01c0e7af8014dcdd3004862138f05fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1698786720815&cv=11&fst=1698786720815&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=1516015907.1698786720&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5c781ac43d2475f833b618ae0dfa46d0cf6b75411aa594c6a64e620569c81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;src=8136487;auiddc=1516015907.1698786720;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams;u2=blog;u3=norton-email-scams;u4=missing;gtm=45fe3ap0;gcd=11l1l1l1l1;...
ad.doubleclick.net/ 42 B
440 B 94ms
49ms Image
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=8136487;auiddc=1516015907.1698786720;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams;u2=blog;u3=norton-email-scams;u4=missing;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 99ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2031%20Oct%202023%2021%3A12%3A00%20GMT&n=-1&b=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&.yp=11548&f=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe%2Censighten

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 31 Oct 2023 21:12:01 GMT

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
122 B 163ms
162ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 6135bba01fcdaf0a0f5a681be23e8620
cache-control: private
function-execution-id: pfkezxt8gpl3
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 197ms
125ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 21:12:00 GMT
function-execution-id: gqivh2cgak0j
server: Google Frontend
x-cloud-trace-context: 4ebb2c7b4d37c66389b1a3c487e0f054

GET
H2 200 main.aa348ee1.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:884::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.aa348ee1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:884::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "b57dfbe384f7bce1a8478d2898254ba1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18916

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1698786720841%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQL...

0
265 B

174ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQLoClki__Nv_AAAAYuHlD83Tc5Kv8yTw4I78xT3X5vB-UnVFQNrq_umtx4B2ui14g
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FAEA98ACCC854B528102DE5AB5F6A312 Ref B: FRAEDGE1109 Ref C: 2023-10-31T21:12:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJCZsZi/a0XwIlGq0/HQ==

Redirect headers

date: Tue, 31 Oct 2023 21:12:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 699F73F1CFF848B6BE2F5E4165A187CE Ref B: FRAEDGE1912 Ref C: 2023-10-31T21:12:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1698786720841&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQLoClki__Nv_AAAAYuHlD83Tc5Kv8yTw4I78xT3X5vB-UnVFQNrq_umtx4B2ui14g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJCZsW1aY/wh8aZjZS3w==

GET
H2 200 runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 43ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 15:12:19 GMT
content-encoding: br
age: 1144782
x-guploader-uploadid: ADPycds3EIJSBAQKz_G9fFCNIK3xcyWWhIxBB_dyBssKRbYRNKn-xOUkzpzjSm_A_3DpuiaMValIZPeBSNUa8ZFJ8CCKBytAhQE4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
last-modified: Mon, 18 Sep 2023 15:24:02 GMT
server: UploadServer
etag: "dbc90523c425a5d782995c1a39051881"
x-goog-generation: 1695050642582474
x-goog-hash: crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1317
accept-ranges: bytes
content-type: text/javascript

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/ 43 B
422 B 469ms
111ms Image
image/gif 52.45.37.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/pixel?j=1&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tag=ViewContent&ts=1698786720848

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.37.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-37-98.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 21:12:01 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,e84ee09fff687202e62b30872e62669d,10.0.0.20,28460,80.255.10.203,,170704340693,1,1698786721.427,0.002,,.,0,0,0.000,0.000,-,0,0,197,306,153,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 track-event
event.havasedge.com/ 0
38 B 612ms
189ms Image
text/plain 52.33.252.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tL2Jsb2cvZW1lcmdpbmctdGhyZWF0cy9ub3J0b24tZW1haWwtc2NhbXMiLCJvIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tIiwiYW8iOltdLCJwYXJtcyI6e30sInByIjoiIiwiaW5mIjpmYWxzZSwibGNraWQiOiJkYmZmZTRkOS04NmE5LTI4ZDQtNGM3MC1jYzdlYjcyNmExMzNfMTY5ODc4NjcyMCIsInNvdXJjZSI6IkhhdmFzRWRnZS5FdmVudFRhZyIsImJ0IjoxNjk4Nzg2NzIwODY0LCJieiI6LTYwLCJwbGciOlsiQ2hyb21lIFBERiBQbHVnaW4iLCJDaHJvbWUgUERGIFZpZXdlciIsIk5hdGl2ZSBDbGllbnQiXSwicGx0IjoiV2luMzIiLCJjayI6dHJ1ZSwidHIiOmZhbHNlLCJoIjoxMjAwLCJ3IjoxNjAwLCJjZCI6MjR9&trkGuid=0d24d362-9133-4cf0-8e7e-be8762f0510a&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&data-product_list=missing&data-order_id=missing&data-subtotal=missing&data-country=US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.252.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-252-192.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1698786720770&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4187523877&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1698786720770&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4187523877&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.ojrq.net/p/ 50 B
465 B 51ms
18ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=4405&tpsync=no&auth=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Tue, 31 Oct 2023 21:12:01 GMT

GET
H2 200 68c7d46d-4f53-496f-99ba-ec17ab2c1f6c Show response
configs.knotch.com/v1/ 28 B
435 B 98ms
22ms Fetch
application/octet-stream 18.244.140.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://configs.knotch.com/v1/68c7d46d-4f53-496f-99ba-ec17ab2c1f6c
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.140.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-140-93.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e34f0e5c02869c7af0877fc891d549baf7038110147953de90ab21b217e7493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:42:40 GMT
via: 1.1 04fe04d0bfd79ff9f6c08102e28077b0.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 03:39:27 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P7
age: 48561
etag: "ceb16ae4eeafd95e97144fc875ad6a29"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-expose-headers: ETag
content-length: 28
x-amz-cf-id: 3Dv1ZEMWgqgtA9Ea7Z14lN9DtUC6rHDStBYrZlAAuPpJIUxIm5RCwA==

GET
H2 200 main.MTVkMmViMGJhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 415 KB
108 KB 15ms
14ms Script
application/javascript 2.19.120.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTVkMmViMGJhMQ.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.33 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 37ca47de0875287dda60c0a5403605db5ceae15909840aee94bb4641e2233e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-akamai-request-id: 20374025
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023102413320768FB2DC4F430D7DB97B8
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01bd4c60d4cad97433c06708f4218f43a3e195cb15073aadf0271f75b77bb5a0daaee901d11ea1dea4248250f24c0feff90a94a124db4e68623a596f01890b1e4076972fb956e17856af45e187c5c13db9af750302980cf7433d3377a7f3e71040
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 109881

GET
H3 200 08bef49b-4b6f-474e-958b-5a0be7a0227e.js Show response
tr.snapchat.com/config/com/ 173 B
192 B 27ms
17ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/08bef49b-4b6f-474e-958b-5a0be7a0227e.js?v=3.4.15-2310302324

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

ce11f5e0a919ef95ada392313d0c4b99c958517cf35db69397054d0e8111abf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame DE45 0
201 B 65ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=63074924-a6e3-42c7-80c0-ade5e653d7c6&u_sclid=657afc45-d177-40e1-aff8-c4ebe656f9a7

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Oct 2023 21:12:00 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Oct 2023 22:01:48 GMT

GET
BLOB 200
OK 6fac039c-fef8-4031-8fa4-0d352d10d9bf
https://us.norton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/6fac039c-fef8-4031-8fa4-0d352d10d9bf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
122 B 109ms
107ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Tue, 31 Oct 2023 21:12:00 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1698786720793&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1906965085&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1698786720793&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1906965085&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 24ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1698786720815&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=616764362&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1698786720815&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=616764362&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1698786720809&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=1893180163&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1698786720809&cv=11&fst=1698786000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=1893180163&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
396 B 36ms
35ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&cb=1698786720926&dep=2%2CPAGE_LOAD
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1143257217610825
content-length: 172
pin-unauth: dWlkPVptSXpaVEpsWlRRdFlUSmlOQzAwTmpVd0xUZzFNVEl0WVRWalkyTmtZalkyTldJMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
88 B 32ms
32ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22aa348ee1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698786720928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5772028607245114
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 egain-chat.js Show response
support-digital.norton.com/system/templates/chat/ 4 KB
2 KB 865ms
380ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/egain-chat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

bb6f12c7d2e7c565090a55d90424b281cbf41437a920641dd2d2ffe961215128

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 54ef1a0d-e79d-4857-8e53-2878ec7fc9da
etag: "1859f8c96b08fac285a06dffa6f17223"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da1-196059a86e01d3d90d081212
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RTGjAvHcFmJw=
content-length: 1369

GET
H2 200 allow_cobrowse.js Show response
support-digital.norton.com/system/cb/admin/js/ 24 KB
25 KB 814ms
377ms Script
application/javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/admin/js/allow_cobrowse.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Resource Hash

c0192be544261e01a5122cd654b834b0572f391d2aa23d8ba897134beef16038

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: cache
date: Tue, 31 Oct 2023 21:12:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: compress,gzip
last-modified: Thu, 02 Mar 2023 22:27:50 GMT
content-security-policy: frame-ancestors 'self' *
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24532
x-ua-compatible: IE=EmulateIE9

GET
H2 200 Offers.egain Show response
support-digital.norton.com/system/ 1 KB
2 KB 612ms
378ms Script
text/javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&egofferpagetitle=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&egofferpatternchecksum=

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

36d3127ae63e30fe49a62b9eb1353c643a9a67f4ca86b06768ad0d3b9ab045f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amzn-remapped-content-length: 1045
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: c21220c7-1ee2-4ee9-82d7-61514a2e31a2
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: Nr4RTE_xvHcFctA=
content-length: 350
x-ua-compatible: IE=EmulateIE9
pragma: no-cache
server: Server
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
x-amzn-remapped-date: Tue, 31 Oct 2023 21:12:01 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EG94020756 Show response
analytics.analytics-egain.com/iframe/ Frame 340C 5 KB
5 KB 131ms
30ms Document
text/html 54.171.111.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.analytics-egain.com/iframe/EG94020756
Requested by: Host: enable-eg-ot.egainonetag.com
URL: https://enable-eg-ot.egainonetag.com/onetag/EG94020756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.111.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-111-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7dc0108355117ef1d4f6b974756d2d9f83e6b16bad59f340525e05fdaca97229

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-type: text/html;charset=utf-8
date: Tue, 31 Oct 2023 21:12:01 GMT
expires: Wed, 01 Nov 2023 21:12:01 GMT
server

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1322998988&t=pageview&_s=1&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&ul=en-us&de=UTF-8&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEIJAAAAACAMI~&jid=1304486301&gjid=1937348124&cid=1276752246.1698786720&tid=UA-1304930-1&_gid=499925795.1698786721&_r=1&_slc=1&did=dNjIxNT&z=1635763575

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=*;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l...
adservice.google.com/ddm/fls/z/ Frame 42BF 42 B
401 B 70ms
45ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=*;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Requested by

Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CM70rtiZoYIDFQNMwgodWFwEAg;src=8136487;type=lp;cat=unive0;ord=1;num=2309552162059;auiddc=1516015907.1698786720;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3ap0;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_72059.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 14ms
13ms Script
application/javascript 2.19.120.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_72059.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.33 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70242b7559c38404934267e32fa95b7ab11a7f1f8ec793c34b96e84aed7a42b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-akamai-request-id: 20374112
date: Tue, 31 Oct 2023 21:12:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231024133207A0D3148730B97C3DFD9A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a2abf7df098b5b8a39e50523f00e8d3caf4b3bf8974548aec2a91dac11c2d96c80ad6a6fc201c4fd02fbb6a4764067a13685aadf5e2d8746328c5288a367c00e5503e7f49eef4683f24bb4af1b86c6d4e5be4ed85e34f9a01e094cae4e4e7d8b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35852

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
787 B 132ms
131ms Ping
text/plain 2.19.120.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.33 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c9d2dc3.2037427e
date: Tue, 31 Oct 2023 21:12:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-parent-response-time: 114,2.19.119.33
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=33, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310312112015CB37D2BA1EFCC80639C
x-cache-remote: TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.48.100.39
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c210a24aa1432f499ef1aab98a2a4bc1510b711aad19931d6a971b54ca8fcf4ccc934bd4aa04deb741b915adb86a978fe86940e70edf2d7fd4088b75381528380ec508615e4e8a02937208d678423de39cd25fad307c00b4d63550ce84b806905baf
access-control-allow-headers: Authorization,*
expires: Tue, 31 Oct 2023 21:12:01 GMT

GET
H2 404 pangle_pixel
analytics.pangle-ads.com/api/v2/ 18 B
18 B 191ms
113ms Image
text/plain 2.19.11.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel?analytics_message=eyJldmVudCI6IlBhZ2V2aWV3IiwibWVzc2FnZV9pZCI6Im1lc3NhZ2VJZC0xNjk4Nzg2NzIxMDY2LTgxNDA4NzgzMjk0MDMtQzRKU0FSSlIyUTNPRzBKQUVURjAiLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6InBpeGVsLmpzIiwidmVyc2lvbiI6IjIuMS4zMyJ9fSwidGltZXN0YW1wIjoiMjAyMy0xMC0zMVQyMToxMjowMS4wNjdaIn0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.11.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-11-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-akamai-request-id: 35c0b432.19e3a5f1
date: Tue, 31 Oct 2023 21:12:01 GMT
x-bytefaas-request-id: 2023103121120138F382DDBA33A7D67C21
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-13-200.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time: 95,92.123.13.200
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=5, inner; dur=1
content-length: 18
pragma: no-cache
server: nginx
x-tt-logid: 2023103121120138F382DDBA33A7D67C21
x-cache-remote: TCP_MISS from a23-207-199-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain
access-control-allow-origin: *
x-bytefaas-execution-duration: 0.26
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 013a791011ed321c8acfc862ad0741f1eaaad07092253b230cd9a0a49ef81f1606372ff2c702fb6b8c379ed819bf043bd074604bca17e727a10c5472c23464ff4d9ebb921fd3c38fff5dccbfff5c683461251386a411c73364e0a4a71721644936b972601edde76f28fdd6cdd156f24424
x-origin-response-time: 5,23.207.199.91
access-control-allow-headers: *
expires: Tue, 31 Oct 2023 21:12:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1304930-1&cid=1276752246.1698786720&jid=1304486301&gjid=1937348124&_gid=499925795.1698786721&_u=aDDAAEIIAAAAACAMI~&z=1154986996

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 2F4F 565 B
427 B 31ms
30ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 21:12:01 GMT
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4430433907083201

GET
H2 200 ingress.gif
aq-swa-api.knotch.it/ 43 B
198 B 445ms
230ms Image
image/gif 52.200.32.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aq-swa-api.knotch.it/ingress.gif?browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&root_browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&canonical_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&referrer_url=&account_id=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c&cs_render_id=7daa92b4-e92c-4bb2-94bf-2b5798564375&cs_visitor_id=59f3f3d0-be7a-4aac-a6d8-ba7e7f849572&time_stamp=1698786721101&session_time_stamp=1698786720892&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&ktag_version=v2.1.1&platform=Win32&language=en-US&color_depth=24&screen_resolution=1600x1200&time_zone=Europe%2FBerlin&privacy_mode=false&content_height=9031&content_width=1600&type=page_view&load_data=%257B%2522load_time%2522%253A156.9%252C%2522time_to_page_view%2522%253A207.2%257D&set_cookie=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.32.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-32-109.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 main-v2_c9c258cb9bfd7508958772a37a128347.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 452 KB
101 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_c9c258cb9bfd7508958772a37a128347.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 43bca9c25e559aaeee0eac2e305da3b64bf9afe0ff957e55c289f5f33b7a9ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:05:46 GMT
content-encoding: br
age: 375
x-guploader-uploadid: ABPtcPrXU2MApGHXCnF7qlwjil3nBKhxMArnjzVAfdK_bxKdi_YxgFvJqoLklLRcM9dwoi66Xjm8SgE_zk6S3s-uVCL4e7M-dkHb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103114
last-modified: Tue, 31 Oct 2023 21:05:35 GMT
server: UploadServer
etag: "79107c6ee3e653866160487a864528f1"
x-goog-generation: 1698786335091450
x-goog-hash: crc32c=FC6IMQ==, md5=eRB8buPmU4ZhYEh6hkUo8Q==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 103114
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_e56025bf788e01599545a68c3c69921e.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 48 KB
15 KB 14ms
14ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_e56025bf788e01599545a68c3c69921e.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ab972f6a39ea0cc174d842ee8e05040126ae6ff7a9cb1ba71832891f65b777c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:16:39 GMT
content-encoding: gzip
age: 107722
x-guploader-uploadid: ABPtcPotyywmCVnoTJphb1bQWwVLxuxGZPvAZzW6TjwIHtJNOz3lf8E6NCdLH1trXwc0_SDI2eE5zllt7OrLT6zIkwo_wkuR1zJU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15456
last-modified: Mon, 30 Oct 2023 15:16:33 GMT
server: UploadServer
etag: "26c0a67ac86badefc2bd96cdcdb2c5d8"
x-goog-generation: 1698678993576874
x-goog-hash: crc32c=yJ1HXQ==, md5=JsCmeshrre/CvZbNzbLF2A==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15456
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

POST
H2 200 p
tr.snapchat.com/ 0
90 B 21ms
20ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1304930-1&cid=1276752246.1698786720&jid=1304486301&_u=aDDAAEIIAAAAACAMI~&z=1029017109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 24ms
22ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1304930-1&cid=1276752246.1698786720&jid=1304486301&_u=aDDAAEIIAAAAACAMI~&z=1029017109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 581ms
119ms XHR
application/json 34.95.120.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.120.95.34.bc.googleusercontent.com
Software: /
Resource Hash: d0949842faf7022686cdc10f6b3249267c7efb20c8043f708a11b4b3779f712f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 21:12:01 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 905ms
118ms XHR
application/json 34.102.206.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.206.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.206.102.34.bc.googleusercontent.com
Software: /
Resource Hash: cf14d2c07884176483beb43a76b3f79899619cb087fc8176c3792ca79d47c83d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 21:12:01 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 733ms
118ms XHR
application/json 34.149.44.52
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.52 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 52.44.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 56a91178be19c73d3cd57f522c0c8dc23246780057acf2a768f0fd7b12bf492a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 21:12:01 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H3 200 inbox-v2_48b3046e5658d067d380731acb25edd9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 9ms
9ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:32:36 GMT
content-encoding: br
age: 1669165
x-guploader-uploadid: ADPycdvX9Eo6YnzcDXhlCjzyHCf59z-iaUno1aqObuO7vpTwVKOIjcysg_IP2S2so6YyNZfzYoH5Y5JUDNkBmU4KZMve2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4862
last-modified: Tue, 10 Oct 2023 16:03:33 GMT
server: UploadServer
etag: "e08d76c0eee63d930afa55862092fe13"
x-goog-generation: 1694525539645421
x-goog-hash: crc32c=om6Z6Q==, md5=4I12wO7mPZMK+lWGIJL+Ew==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4862
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_5631bf90701659009118a89f964ae570.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 15:24:02 GMT
content-encoding: br
age: 1144079
x-guploader-uploadid: ADPycdt82uaxuizgKCir6qCl0vOQCoY7nzx1jWbzMgtbXXOX00BmtLIGtx6lGy16I5OjOGCKpft99su7Co2t-OfbQcHpaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4962
last-modified: Tue, 17 Oct 2023 15:39:23 GMT
server: UploadServer
etag: "801d41813e7b11c4986b4ca00307283b"
x-goog-generation: 1695050633424590
x-goog-hash: crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4962
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 10ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:27:20 GMT
content-encoding: br
age: 1457081
x-guploader-uploadid: ADPycdsV6ihxmMvU_JlXGzitlKgI_y8DZ9X9ZB5ZpZqUEWWDhADQZTdRt9oC4qkipBI1E7jWVfDIF56mZLQ4ehxhQB7MT4jjy0Y0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31566
last-modified: Thu, 12 Oct 2023 17:49:55 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1697132995268969
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame DE97 2 KB
969 B 9ms
8ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 129526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 09:13:15 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Wed, 25 Oct 2023 14:44:22 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1698245061960783
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPpKxtfKfLgQlpDWHMyUZRFtwjmIrECfO8Ia1Hn5_Zpn9DM8o5uXdWZTR9qxjDhml9gtYBPj3i1qiC-8SSpvidCAT6HQcHkm

POST
H/1.1 204
No Content / Show response
684dd311.akstat.io/ 0
354 B 126ms
84ms XHR
image/gif 2a02:26f0:3100:795::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd311.akstat.io/

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 21:12:01 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://us.norton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Tue, 31 Oct 2023 21:12:01 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
789 B 202ms
201ms Ping
text/plain 2.19.120.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.33 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b6ae5601.203744f1
date: Tue, 31 Oct 2023 21:12:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-19-119-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-parent-response-time: 173,2.19.119.33
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=80, inner; dur=76
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023103121120138A33C0497CC4EB0BE52
x-cache-remote: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 80,23.220.105.86
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c210f82b8df1937ec6a4d0687e7b7587ddf13be6ca596d0e02a151dd8ddeef45d6891aa0e1427aaead210232b074f217355a8cf8cd2a005274ae45f41f02bcd14f4edaff37e9f552228ce171970096d9cd33739719f6a7053ffc10c32cbff0d946b4
access-control-allow-headers: Authorization,*
expires: Tue, 31 Oct 2023 21:12:01 GMT

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 109ms
107ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Tue, 31 Oct 2023 21:12:01 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H3 200 p
tr.snapchat.com/ 0
15 B 20ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
16 B 107ms
106ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Tue, 31 Oct 2023 21:12:01 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 103 B
532 B 206ms
206ms XHR
text/html 52.10.82.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=csiyrk42502&tz=-60&ref=&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&lc=null&anon=0&vin=null

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.10.82.74 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-82-74.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

00d296d637c152187f0ca58a302dfd8c85c93fabbf8efd0241f4eb094bbf5301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 207ms
205ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=1&c=21&i=8drwuj&p=aemprod&s=13612&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA9RJodHRwczovL3N5bWFudGVjLnR0Lm9tdHJkYy5uZXQvbTIaALAvbWJveC9qc29uPwoAwD1zeW1fZ2xvYmFsXxAAECYFADBTZXMOAfESPTFiNWEzZWFhNDk3MDRhNGY4ODFlMzdhZjAzYmVhMWFjLQAyUEM9CADxFWFnZT03MzM1MmI0ZWQ4OTM0YTMyODMxOTk5NGNhN2JlMmEwMSoA8RVSaWQ9M2RjNDM0NzA1ZjFhNDM5M2IxMTJmZGMxYTBhMGM4MDUpABJWlgFhPTEuOC4zEgBiQ291bnQ9RwDxA1RpbWU9MTY5ODc5MDMxOTE5MiMAkUhvc3Q9dXMubjcBQS5jb20XAFBVUkw9aCYBmSUzQSUyRiUyRiQA8g4lMkZibG9nJTJGZW1lcmdpbmctdGhyZWF0cyUyRksAwS1lbWFpbC1zY2Ftc1MAglJlZmVycmVyAAH0E1hEb21haW49ZW5hYmxlZCZicm93c2VySGVpZ2h0PTEyMDATAIZXaWR0aD0xNhIAAMsA-AFPZmZzZXQ9NjAmc2NyZWVuOQACEgAHOADwC2NvbG9yRGVwdGg9MjQmZGV2aWNlUGl4ZWxSEgIjPTFEACBPcrECABMA8AduPWxhbmRzY2FwZSZ3ZWJHTFJlbmRlvQDwOkludGVsJTIwSXJpcyUyME9wZW5HTCUyMEVuZ2luZSZQcm9tb2NvZGU9JnByb2ZpbGUuVENHPTEwJnZlbmRvcl90eXBlPW5vbmUgAEJncmFtEgDgdW5rbm93biZzaXRlX2O3AVJyeT11cxAAMHNlY7kCEj1ZAQGkAcBjb250ZW50X3RpdGxQAAD0AglyAQFJAFBsYW5ndWkC8A1lbiZ0cmFmZmljX3NvdXJjZT1kaXJlY3QmRXhpGQOzZ0N1c3RvbWVyPWURACNfYxIAAQECMzBOb4sANHViX48AAAICAMYAAeYAFnD5AEBjdXJynACyc3ViY2hhbm5lbD09AA-1AA6Yb3JpZ2luYWxfOwAESAEPQQEBBHsADkkBBDYAAQgBDVEBAMYAAAQAA1kBDMUCSSYlMjBBAATzAAeCAQkgAAhpAQQZAD8lMjB0AQMEIQAPfAEYBDMAMSUyMNEAF3O9AAmHAQ98AQEEPQABOgAPhAEOBC4AD4wBAgDvBPIYTUNTRElEPTU5MTkwQUVCOUM2QkExRkItN0I3QTcyMDlFRTFEODBDXwTxHk1DR1ZJRD03MTgyMDIyOTczNzQ4OTg4NDQwMzg2MjYwMzA0MjQ2Mzg5NDU2OCcE8SpBQU1CPTZHMXluWWNMUHVpUXhZWnJzel9wa3FmTEc5eU1YQnBiMnpYNWR2SmRZUUp6UFhJbWRqMHk-APAMTUNHTEg9NiIsInR5cGUiOiJ4aHIiLCJzdGFyTgYA_wSAODY3MTkzNTQ8BjFkIjoTBQYUAAIfA-IiOiJYSFJfTUFOQUdFUkEAMHR1c7kGYWxsb3dlZGAGQGFzb25fBtRdLCJkYXRhUGF0dGVyEgC0bGlzdCI6W10sImlmAK85MzI1NTQ5MH0skQb_______8bPzYsIpEGa7FjLmdvLW1wdWxzZRsNsWFwaS9jb25maWcuFQ37FGtleT1NRERKUi0zUlZXOC1TM000Ni1ITDRRUy1STFZRNCZkXgzxRnQ9NTY2MjYyMiZ2PTEuNzY2LjcwJnNsPTAmc2k9MjcxNTc2OTItMGFhNi00YzYyLTgwZGItMDkyM2RhYjU5Y2IwLXMzZXc3eiZwbHVnaW5zPUFLLEOSAIBPdmVycmlkZQ8A8Rh0aW51aXR5LFBhZ2VQYXJhbXMsUlQsUGFpbnRUaW1pbmcsTmF2aWfsCwMRACJSZWsBAw8A9QlNZW1vcnksRXJyb3JzLEFrYW1haSxFdmVBAPAHTE9HTiZhY2FvPSZhay5haT0xODEyMg0PD3sIDC42N3sIABQAAn8AD3sIRH85MzI2NjQyewgHD-oB_9gwZW5zZQ8nZW71DwbxEBJhmhHwJS9zZXJ2ZXJDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImc3RhdGljSnPcER49SgAADw8jLyYAEoBlZE9uPVR1ZTwP8hJjdCUyMDMxJTIwMTk6MjQ6NDglMjBHTVQlMjAyMDIzJkNBElBEPTIxJskDL0lElBA48BIlM0ZfQ09VTlRSWSUzRHVzJTI2X0xBTkdVQUdFJTNEZW4RANBUUkFGRklDX1NPVVJDFwACNw8AGwD0AVBHTV9JRCUzRG1pc3NpbmcUADBUWVApAAPRDwAWADpJUEYnACxJUDgAKlNOIgCqU1VCQ0hBTk5FTBgAik9SSUdfU1VCFgBqUElGQ0FNFABaSV9TS1UTADpERVgRACxJTsEAO0lQViMAK1BDEQAcVREAG1CkADpFTlAzADpTS1QRACpJVAABQ25vd1-dDlR1bnRyeZABBRgABF8PBJgBBRkACc4OMiUzRKAPCAkRNSUyNi4ABzYPQSUzRGLBEgceAAINEAVGAABoEQM-AAPIDwKhBSFfY4AUEF8NAzUlM0QSAgBnADVwcm-LEADGAALWEQNGAA6cDwkXAQBAAA91DwAJJAAANBU0dWN0fAAP7wACBygRAcwA8AVuZSUyNmlzTW9iaWxlJTNEZmFscxMA2nZpZXdDYW1wYWlnbnNmAG9hdGglM0TlExwwJTI2xQEwQ29kZgACmwAATxQASRIF7RMOegQGqw9ic2NyaXB0bQ8Mrg8OMwc3NDAzHQnCaW5zZXJ0QmVmb3JlQgACrw8_bG9hrA8hnzczNDA1NTg5MjEHCA9HBf____-lHTh6DApHBSBtdcsJQ29uT2L_CR9MTQU5HzN-DAcPTQUTAUoK8Bo4ZjFkZDQ5NjcyMmIzYTZjNzA2ZmY0NjAxMzFhYmNiYi5qcz9jb25kaTQZl0lkMD02NDkxNhMWD2gGBz00MDAhASg2MoUPD2gGPK84NDM0Mjk1NDI5GwGPHzMbAQwPPAJCBCEBHzOJBy4BPAL9ETliZWFmNjFiMjRhYTk0N2NkOGFiMjEzYWIwMDNjNjFmPAJnNDkzNzgx1Q8PPQIJHzEiAQwPPQI9fzkyNDAxOTjWDwkPWAMYDxwBSw8-AmMEIgEfNF8DMv4QNmUyNDY0ODRkNDVjNDc0YThjODdjOGI3ZWY5MzAzOD4CUTE3OTAyDCEDExIPPgIJHzI-AgAfN-MKSJ80ODMyNTA5MDUcAZAPPgIBCBwBD3wEQhQ3IgEfNiIBMv4QZTk0ZmI5ZDdkNzA5NjM3NzIyNGVhMDIwZjc4YzM0Mj4CTzQ3Mzl7BCkfOT0CSI8yOTEwMDYyNlkDMw8bAUoPPAIBCBsBDzwCQwQhAQ88AjP_EWQ2NTgxN2UyNWNjYWE5MjhjZTg3MTk3N2QxOWE2ZjBkuAYAXzQwNzY3XQ8RLzQwegQALzMwPQJHnzY5NDAxNTM5Nz0CMw8cAUsPPgIACRwBDz4CQgUiAQ-cBTP-EWVjODQ2ODEwYTA1OWQxOTU0NzllMTRiOTcxM2Q0ZjkyPgJPMjMxM_UIFA8yCwAAXCECLBMgIjrgJw-aETcwNzAwZRlPNzI2OBEKMw8bAUoPPAIACRsBDzwCQAchAQ88AggF-ChhZGVtZGV42hsAIin_ATUuaHRtbD9kX25zaWQ9MCMCKAgGWgRTaWZyYW11Ewu3Ex4ztxMoODBPDQBAGGBuZENoaWymEwBIGAFlIw-2EyYQM1kELzgxWQQID_sAVS00Oc8JCvsAD_0BQEI2OTczAgEfMncGCPAFd3d3Lmdvb2dsZXRhZ21hbmFnZXLsFvYJL2d0YWcvanM_aWQ9Ry0yTThNSFlFWThY6gEPvgoHEDYUBSRlbukkAU8lKDgx6gEP7wBAzzcwMDExNTIwMjQwN6IJB5BzcGlkZXIuYXWvGqFsaWFyZXZpdmFs8gD_FmkvOGQwOGIxY2YxMmI2ZGVkZDQ2YzY4MGI3ZDFlY2E5MTEuanMAARIeMloRNzk4NEQHDwABQL82OTcyNzMwMDIwNj8QCPEBY29ubmVjdC5mYWNlYm9va-0DkGVuX1VTL2ZiZdAeH3PlABUApR4L5QEvOTmHC06fNjkxMjY0NjQx5QAJ8QFkbi5xdWFudHVtbWV0cmlj3wEScbECI3MvGwASLZUYD-8AFSsyNcMDPzIwMA0SSZ82NzU4NTYzOTjpAF4fNukADA-9AkIE7wAPECkJc3JlZ2lvbjGwBKEtYW5hbHl0aWNz3wH7AGcvY29sbGVjdD92PTImdLcE8BMmZ3RtPTQ1amUzYXAwdjkxMzIzMDY1NTYmX3A9MTMyMjk5iSqDJmdjZD0xMWwCAPQBJmNpZD0xMjc2NzUyMjQ2Lh0qkDIwJnVsPWVuLZMtEXKNLhF4pC6AdWFhPSZ1YWIFADBmdmwHAIBtYj0wJnVhbQwAEXAFABB2BgBgdz0wJl9zbC4AYwADiSoQMr8uAKIvj3NlZz0wJmRs4R44QiZkdD0NMTElMjCNLwA-LACPLwLTLWBBbnN3ZXLFLtF0byUyMFlvdXIlMjBGNzHwAW50bHklMjBBc2tlZCUyMFFJMTBpb24tANIoRkFRcyklMjAtJTIwYACQJmVuPXBhZ2VfUxxwJl9mdj0xJkMIAAcAEHPzAEBfZWU9EjIEBhFxZW5kQmVhY6cxC5srTDIwMDZIEwAUABc1TAWvU0VOREJFQUNPTqIrAVtibG9ja6IrYSJXaGl0ZZMrD60rCQonAAS4KzAwMDWvDA_sDgkPZQUCc3NpZ25hbHMwJfACLzIwMTA3ODc2MTkxNjQ3MTa2ArAuOS4xMzUmcj1zdAcxIiZkFTEJbDEPgAYRLjk5wwMQMs0WD4cLRp80NDg2MTc3Nzh6BwcPFQFvDH8KAFgiCNkOD9gEQPAANzAwNDQ4NjE3Nzc5fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 204ms
202ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=2&c=21&i=8drwuj&p=aemprod&s=21545&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8SNodHRwczovL2JpdGUuYXVzdHJhbGlhcmV2aXZhbC5jb20vY3Q_aWQ9MzQ4NzAmdXJsPTIA0SUzQSUyRiUyRnVzLm5nAAAsAPIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPILLWVtYWlsLXNjYW1zJnNmPTAmdHBpPSZjaD2uAIImdXZpZD0mdBsAQXNmbWkNAPaIdT0mY2I9MTY5ODc4NjcxOTkxNCZobD0yJm9wPTAmYWc9MjgyMjgwMjI3MyZyYW5kPTA0NTg1MjYxNTA3NTU5NjYwOTc5MTYwOTA2OTExNTA2NzM1NzA2NDcyNjAwOTkwMzEwOTYxMDg4MTcxMjAzOTExODg2Mjg4MjU2ODUxODk4Nzk1MCZmcz0xNjAweDEyMDAmZnN0PQ4A-BFucD13aW4zMiZudj1nb29nbGUlMjBpbmMuJnJlZj0mczoAIG5jtADxQnQ9JmRpPVcxc2laV1lpTERnNU1EbGRMRnN4TWl3aWUxd2lZM1I0WENJNlhDSjNaV0puYkZ3aUxGd2lkbHdpT2x3aWFXNTBaV3dnYVc1akxsdxwAHGMcAPAlWEpwY3lCdmNHVnVaMndnWlc1bmFXNWxYQ0lzWENKemJIWmNJanBjSW5kbFltZHNJR2RzYygAplhNZ01TNHdJQ2g8APMQWE1nWjJ4emJDQmxjeUF4TGpBZ1kyaHliMjFwZFcwcFQAWW5kbVZ5uAASQywAQEtHOXeAAANAAB95QAAIF3VAAOByYVhSY0lpeGNJbUpsYuAAIGpVvACQM1oyeGNJam94FAEjWjMcANJsd2lkMlZpYTJsMElI1AADmAAwelpX7ADgb3pOams0TlRFNE56RXc8AENjMlZqcAD5MmNJbjBpWFN4Yk16Y3NJbHN6TXpFMk1qSTBNRFE1TEdaMWJtTjBhVzl1S0c1bGQxWmhiSFZsS1NCN1hHNGdJQ0FnBAD5GEdGa1pFTnZiblJsYm5SWGFXNWtiM2RRY205NGVTaDBhR2x6S1Z4dTQAEUNEAPApdkx5QlNaWE5sZENCd2NtOXdaWEowZVN3Z2RHaGxJR2h2YjJzZ2FYTWdiMjVzZVNCdVpXVmtaV1EQAC9qWlQAAuBCUFltcGxZM1F1WkdWbQQCMFVIStwB_xB5ZEhrb2FXWnlZVzFsTENBbmMzSmpaRzlqSnl3Z2UxoAAC_w5nSUdOdmJtWnBaM1Z5WVdKc1pUb2dabUZzYzJVcwwBAvACQ0FnZDNKcGRHRmliR1U2SUc8AU9ObExGYAAEEEggAGRWbE9pQmaQAA9YAAI_SDBwGAACtEY5cFpuSmhiV1V1QADxA0lEMGdibVYzVm1Gc2RXVmNiaWwBBrgB_ApIMWRJbDBzV3lKallpSXNJakFzTUN3d0xECAATSRgAE1kIAAwgAA8QAAAfVBQAAAxcAB9TbAABDzgAAA8oABUDYAAvTmlYAAEAxAAQSnAEc3RNU3dpTFMMAPJ8aXdpTml4bFkxaEhXREU1Ym01eWRsWlBNa3BrYkU1b2VFSkxVV3RNZGxOR1pFRlJRa05zYURFMFZsVldSa0ZzUmpjclEwRkpjVmhTUWtaRFJURTJSbGxyYjFaVmNFRlhhRUZUU1VReWExbzFUblJWS3pZNVlpOHhLelU0TjJONlYxSktRVkJzUjJ3NYwBoDB6TENKYlhDSnBIA_EDY201aGJDMXdaR1l0ZG1sbGQybAQAEATyHHRhR3BtWW0xa1oyTm1hbUppY0dGbGIycHZabTlvYjJWbVoybGxhR3BoYVZIBRBhQAWwWEp1WVd3dGJtRmpYADBiSFYgBTJjSWwIBGRMVFFzSWkMABdVDAAXWQwAF2MMABdnDABRa3NJaXNQBINMVEV3TENJdNQAEHh0AQDkBSJkRswFA6QEEHSIBPMEVzF3aVpHVnpZM0pwY0hScGIyNQAFlDluT25ScGRHeMAF8AJ2Wnpwa1pYTmpjbWx3ZEdsdiAFANQE8wJkSGRwZEhSbGNqcDBhWFJzWvQABxgADTgAJFhY6AClRXlMQ0p1ZFd4c7AAF3kkAgkUAShFMdgAY05pd2lNQ0wCZFRjc0lqUQABEDTIAQVQAxVWbAAZNRgAA7QCYE1Td3lOQwQA8AR4Y0lpMWNJaXd4TmpBd0xERXlNkAOCVFl3TUN3eE0UABIyFAARSRQACSgABFAAFENIAAQIAAhQABNC-ANHMHlNQ-gAJ2pFzAEQSRQBAIgCAJwGAHACRnVYQ0o4AFN5d2lLefgA8gRqUXNJbHRjSW5ObGJtUkNaV0ZqxAEAiAN0RXNNU3d4WHADGGpUAuBJMkxDSjdYQ0owYW1oegwCYU1UQXdNRAQAAHQAHzEYAARRcWFITnMwACB6YwwBAjQAFEhkASNJM2QBYDVMamNzTQwBMGpSbnQCZWJuVnNiRigAAKQBtGxiaTFWVXl4bGJp0AAAyAIEJAAgTXdMAEBYQ0oyQAAVTTwAtE14TENKbVlXeHpa3AAneklAASdNeigCKHpOaAEgelVsBxF4mAfmemcyTnpFNU9EWXpMQzAoASJ6WVQBUmpRdk0xwANHTkM4eoQBIHpOpALkVEUwTkMwMk5pMHhPREFwA4B6T0N3aWFTd-wEAAQAEjEUBRNFwAVgTXhMRFF3cAAA7AWGT1RFM0xqSXMIAHRrekxEazVO2AIjemuMAKBJd01ETXdNVEEzDAEQTlgBcGtkbFkydHYQAMRYQ0pPWlhSelkyRneAA5BUVzk2YVd4c1mQA3FHNTFiR3dzhAG0Q3gwY25WbExEZ3NIBwIYADR3ekwsB2NIUnlkV1UwADN3d0wQAFVkSEoxWlADAMgAM0l6TYwCKE5ExALzA1F5TENJeE56STBNamszTmpVeuADUzBNeXdpaAJAd01ERdQAAkQCAIACUFRFeE1EBAATQQgAEkUcACNERdwDVFEwTENJKAcUMVQAYE5Td2lOahgAQFkzTnn8AgHMBjAxTmp8BgAQADVZME-gAwAQAAEgAARIAG93TERZNE4gAAoAMAACpAIwTkRZsAcEkAAA8AIwRmRY4AjwC1V2UW1WeWJHbHVMR1Z1TFZWVExHeGhkRzRzNApTWjI5eWWwAjBORGdEABRzwAQoTkT4AhhVwAUQMcAFBDQHKE5U6AIQVegCQ3hNREGMACNVMNQDEG-gAwDcBTJYekbQBcBqTXlPVGs1TVRNMk8QAm9Gd2lYek4cAAIgWFMACxBSrAsAhAQjZk0wAGBNakV4TlTMAVBRNU5sd3QAACgLDigAIFRR9ApUMU9UUTRAAzRYekJsAMMzTlRrMk56WXdORGgUAAD4CoRjeU1qVXdOaigApFU0TWpjMU5UUXlEAMRNakl5TmpNeE1qZ3cUAEBOak13OABCT0RrNQgDpkkzTWpJMk9UZzBMAMVReE5UWTROelExTVR0ALQ0T1RZeE1EVXhNehQAoGd4T1RVNU5qRTTsAwDcBoNjMXdpT2pGOWgCEDFoAhRNxAGTVFlzSW14aGJteAO1UzF3Y21sdFlYSjUwAPD_i3l3aVYwVXdXbFl4ZUU5alZtaFlXRlpXWTFONFkwWlhiRnBWVTFWNFRsaEdNRWhIVjBwWlUyaHNXVk5WYkZaUlIxRmFSVlo0VUZkR1ZWcFhSVEJhUWxab1dGWnNaRUZXUmxwTlUyZGpXa1ZSVFU5QmQyZE5RMUUwU1VGU1FWWkhVVlpaVmpGYVdGRkdVbGRVUlc5SVFYZG5Ra0YzYjBwRlFsWlpWRkpzTkZNd2RGbFJRbVJqV0VKclVsVlZNVTVUVlc5RVJtaGFTMU5XUW1SWVJYTllWMFY0UzFSVmRGbFdWa0paVXpGNFVGVkZPVmxXVW1SaFZteFJWMVZDV1VKWVVXdENWM2RvWVZoM1oweFhkemxrV0VZeFpFUlJPV0ZFZDBWS1YzYzFaRU5HZUdGWFFVRkpRMEprVkZOblRVbEJkemhRUTFFNFFVVkNWbGxVVW14T1JqRjRRbE5XV2t4VVZXOWFSVlpHVGxSVmJFdEJlRmxYVTJ0c1VWaFdlRXhHTVdoTlUyc3hURmRHVmxGWFJYUmpWREZDVUZQARFogAH0G1JteEJWMEZXTUVwQlZuTkpWMnc0U1VNeGMxQllWbmhrV0ZFd1VGZG5QVJgGJ1U0YAYxMU9TRAljbVlYVnNkuAUQTtALMGpFMOANMExUWbAGAGwHMjNaMzwHU1hDSXdPXAZAY0dObbAD9ARYQ0ppWjNKaE9IVnViM0p0WENKeAIQMqgPFU_oAwCwBiNJd2QCEDLgBjBXekG0BwBQAyViWKAFGFkwCRAyMAmgWjJWdmJHOWpZWOwJ8C40c1oyRnRaWEJoWkN4amFHVmpkQ3h0YVdScExHUnBjM0JzWVhsallYQjBkWEpsTEhWellpeHNiMk5oYkdabA70AHpMSEJwWTNSMWNtVnBibgwA-hdVc2NIVmliR2xqYTJWNVkzSmxaR1Z1ZEdsaGJITm5aWFFzYjNSdxgA8A1Nc1kyaDFZV1p2Y20xbVlXTjBiM0lzWlc1amNucAqQVmtiV1ZrYVdFKADwA3pZWFpsWkdGMFlTeGphSFZoWlwIYEhabGNuTsQK8QNzYVhOMExHTm9kV0YzYjNjMk7gAKBSdmQyNXNhVzVyHACwY0hKbFptVnljMk4UAQAIACBvWpgOoEhONWJtTjRhSElsAJkxWVcxdlpHVnM0AADUAPAPSFZqWldSMGNtRnVjM0JoY21WdVkza3NjMlZ5YVdGMABSaGJXVnmkAEFCeVpXoABweVpXUjFZMtAAETngD_EXTEhCeWFYWmhkR1Z6ZEdGMFpYUnZhMlZ1YVhOemRXRnVZMlVzYVfYD3BwZEhsamNtgA8gNTBkAFBjMmRsZNwADQQBIjRzFAEAsAtAVmxiaeAB4VJ3Y2l4MWJteHZZV1FznAGibTloY21SdFlYQewAEFj0ASBSbYAC8wFMR2Q1Y205elkyOXdaU3gzVBBQd2JHRmooATJiblE0AINXMXZZbWxzWowB8AxMRzFoWjI1bGRHOXRaWFJsY2l4aFkyTmxiR1bAEV9sZEdWefQABQLcABIxYAwAtADwAEhWaFlYSmphQ3g0Y25Od7gCMFlXeHQBwGphMmx1Wnl4cFpHeGACMjBaVzARAKgBMGRXRqgAcTBabTl5Ylh4AUBwYjI0sADiM2FXUjBhQ3hqYkdsd1kAAVF5WldGazgAAOgNZDNCdmNuUigAgndZWGx0Wlc1UAIGIABxb1pXbG5hSAQBIHlkCABBWFYwYjQD0GtzWTNKdmMzTnZjbWzkDfEAcGMyOXNZWFJsWkN4b2FXNAAwMVlXpBDyFzVsYzNNc2MyTnlaV1Z1ZDJGclpXeHZZMnNzWTJ4cGNHSnZZWEpr0BAQVcAA8ARrWlhacFkyVnRaVzF2Y25rc2JXFAJkOXdhRzl1EAsgTmoQDfACSTFNekl6TVRJNE9EZzZName0B1RiSW1Sa3QQApwKEEEoDAcMCQDsCAUkCRB4qAoFTA0EJAkPGBAPAjgADCgAMWl3M1AAARgABJwJD3AAAhEyKAAEcAABCAAiSTT0BMFKaWJtTm9JaXc0T0ZEEfAJaFltNWphQ0lzT0RsZFhRJTNEJTNEJmRlshX2PHByZT0wJnNkZD0lN0IlN0QmY3JpPUMzdURXUEFibFUmcHRvPTEwNDYmdmVyPTU3JmdhYz0tJm1laT0mYXA9JmZlPTEmZHVpZD0xLhUW_QQuQzEyZGlmbElCVmd5U1NubSZzIwD9AzViMzVuOHhtbFZPU3BzV2omdCMA8AQ4akVLMU5WY0xBZ1hEWjlRJmZifQBwZ3RtPVcxMMQAsGl0PTc1JTJDNzU3BgAQOSIAMGw9LaYAAwcAgHNkPS0mcnRpOQAgYmcGAKBzcGE9MSZ1cmlk_RXwCmI9IiwidHlwZSI6InNjcmlwdCIsInN0YXLpFwfmFhA41xc0ZCI65QDAMjAzNTgsInNvdXJjPACyYXBwZW5kQ2hpbGRBAJB0dXMiOiJsb2EQAGByZWFzb273F9RdLCJkYXRhUGF0dGVyEgCzbGlzdCI6W10sImljAL82OTQzMTU1NDN9LCkY______________________________-yLzUyKRgMMW11dPMvr09ic2VydmVyQ0wwGDgvNzcwGAdCd3d3LhEvoHRhZ21hbmFnZXIsMIAvZ3RhZy9qc10w30FXLTEwNDMzMzA2ODUZGQ8ABRkP8AAALzk0GRlGrzk4OTk4NTYzNDbpAF4eN9kBCekAD9kBQgTwAC81MfAAODAmbD2EGq9MYXllciZjeD1j6gETHTMBATc0MjPqAc9pbnNlcnRCZWZvcmXUAjCvOTQ4MTY0ODc5MvsAbw78AQr7AA_8AUMEAQEP7AIIgWJhdC5iaW5nyQMgYWNMNPAdLzA_dGk9MTg3MDEwNTc3JlZlcj0yJm1pZD05MmRkNjYwNC04NjliLTRiNmIKAPAlNC00ZWRiYjlkOGU3ZDUmc2lkPTIxYjU3MjUwNzgzMjExZWViOGQ5NWI4YjkxY2U3NzI1Jhs0ACUANWI4NyUA8AE5Njk5NjNkODhlMTc1MmRmJQDwGXM9MSZtc2Nsa2lkPU4mcGk9MTIwMDEwMTUyNSZsZz1lbi1VUyZzdz2_MzEmc2gfAJMmc2M9MjQmdGyJNDElMjCrNDElMjCtNAHyNPEJMEFuc3dlcnMlMjB0byUyMFlvdXIlMjBGYTXwAW50bHklMjBBc2tlZCUyMFFzNTBpb24tAOEoRkFRcyklMjAtJTIwTjA1LyZwSjU59hZyPSZsdD00MDQmZXZ0PXBhZ2VMb2FkJnN2PTEmcm49MTk4NTAycAMyaW1nKwMIcB5OMjA0M1cFARQABXAe8gdIVE1MSW1hZ2VfU0VUQVRUUklCVVRFTAACex5vYWxsb3dlfh4ifzQwMDc2Nzl-HgoPeQKNFzB5AvwRZWM9Q0hFUSZlbD1JbnZhbGlkX1VzZXJzJmV2PTAmZWEWAD9uPVkWAjsP4wIDACICYGN1c3RvbRsCUDI4NDIwpDgDjiAPGwIGHjSIBRgzcgcPGwJJnzkzMzIxNzU3MZQEFQChBCZqc_ECD2QhBQ9LCAM_NDM1YQZHrzg2MzMzNjM0MTRhBgcAvwAFYAUADQAPzAAVDzIGAAnMAA8yBkIF0gAfOdIABwAHCrBjbGFyaXR5Lm1zL_wJRXVldC8wBg-rARE-NDU5hAIvNjGrARBbYmxvY2uVBGEiV2hpdGUEIw8eIwkKJwABKSPPNzAwNDM3OTY2MzI48gAHALcBBcQBI3AvJgcF8QAfLtMBEy80MtMBAAn0AA8DJDufOTU2NzkwMzE1ngIVD9oAJwA-BCNlbnokANc7OTIwNNoAD60CQgThAB822woIArAM8AdhZHMuZy5kb3VibGVjbGljay5uZXQvXAfzAmFkL3ZpZXd0aHJvdWdoY29uBj4WL8YMIC8_hzwlb220PCAyMJ4HYmN2PTExJjs8Asw8AhgAQWJnPWYBACAmZ5AmsE9OJmFzeW5jPTEmdybzCzQ1YmUzYXAwdjg3ODQxMjg2NCZnY2Q9MTFsAgAzJnVfzggjdV_PCA-rPTwwaG49wwMFGgFwZXJ2aWNlcwEKQCZmcm3IPT9pYmE8CVUQYSUBtjE1MTYwMTU5MDcuHyfgJnVhbWI9MCZ1YXc9MCZwDJA9ZXZlbnQlM0RxDvAALmNvbmZpZyZyZm10PTMmBgAfNHsEEi8xNnsEAAgmBg-HAztQNjc1NDSdBg9TBQgFjAEPpgL_-C8yMKYCDA9TBUIErQIfNjcqCQ-5C_9oHjUUAic4MjUJDBQCGEHPDWBlcnJvciJDRA9LLBsFsgsPGxQSIGFklhQEUQYEZAcPWQcWPzE3JlkHAj8xNyZZB47_DGxhYmVsPTIzS3pDSmotallNWUVQM3N2X0VEJnQHe59ndG1fZWU9MSZ9ByIGzAEPfAcgD_cLABg4AxQPfAc7nzk4Mzc2MDQxOSIKCA8MCQUPuwL__g-RBwEJuwIMfQUPmBkyBcICD8QWCAmfDgOdDg_DFf-zDu8HKDUxqQwMcgIP7wcyFDi8FQ-hEwjyAGNvbm5lY3QuZmFjZWJvb08PgnNpZ25hbHMvmA35HS8yMDUzOTA1Njk0ODM3OTgwP3Y9Mi45LjEzNSZyPXN0YWJsZSZkb21haW49ekwPxA0RPTM1MQoJNzUzOQoJD0saPJ82OTA0NjU5NzHFDQgPFQFvDmASChUBDDACD6IEMgQbAS8yNUETB0BsaWZluBMHYU4WL-gBU2lmcmFt8RsKxhguNjbGGC82NugBSCE4NTsZLzYzbwUhdzU0NDE2MTEwG_8VN2I4NDRkMjgtN2FhYS00MmUwLWI4ZjAtNWNmMDZlM2NkMWZhMBs9CLcYDzAb108xODE3MRsDZzUwOTg2M24CDzEbAy43MG4FARQADzEbUp85MDUwMTIyNDhkDQgJ5wcADQAPdxYTLjY1ShA_NzA2LAVHA0QYLzcxRAMVD8wAGB83zAAND-MEQtA4NjMzMzYzNzMyfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 207ms
205ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=3&c=21&i=8drwuj&p=aemprod&s=15559&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8RNodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9tdXNlBQDwCy5qcyIsInR5cGUiOiJzY3JpcHQiLCJzdGFymgDANjk4Nzg2NzIwNzE1iABKZCI6MRQAUHNvdXJjPACyYXBwZW5kQ2hpbGRBAMB0dXMiOiJibG9ja2UTAGByZWFzb26rAPEJIldoaXRlbGlzdCJdLCJkYXRhUGF0dGVyHQAxXSwiGgAqOlsnABNpfAC_MTIwMTk0NTgwfSzzAE0fNvMAAD82LCLzAGYfMfMAEQHfAfENdGFnbWFuYWdlci9wcHRtLmpzP3Q9eG8maWQ9bjwCACYAD_gBET82NTcFAQAXNwUByGluc2VydEJlZm9yZfkBOmxvYfYBD-sBCTRdLCLgAZ8zMDc4NTYzMTbtAGAvNzDtAAwxbXV0YAOvT2JzZXJ2ZXJDTPMAOC8yOfMAB2BzLnlpbWe2AfEEL3dpL2NvbmZpZy8xMTU0OC5qcwsEA8MDMnhocpMADMADHzjbAAAXOMgBslhIUl9NQU5BR0VSQQACwANbYWxsb3fAAw_KARG_NzAwMzI5MDYzNjHXAO0_eXRjZgUUPzY1OaYBDA9uAzyvOTU0MjQyNzQxNXsCFQ_NABgPTgMCCHMCD04DQgTTAB8yQQQIsXRyLm91dGJyYWluUwPxbnVuaWZpZWRQaXhlbD9vcHRPdXQ9ZmFsc2UmYnVzdD0wMDA1ODk5NDQwMjM0MTgxODc0JnJlZmVycmVyPSZtYXJrZXRlcklkPTAwMWY5NjFiZDliMDUxYTI4MThiNDA1ODM1M2ZkYTkyYmYmbmFtZT1QQUdFX1ZJRVcmZGw9qQfGJTNBJTJGJTJGdXMuogXyDiUyRmJsb2clMkZlbWVyZ2luZy10aHJlYXRzJTJGJwDyCC1lbWFpbC1zY2FtcyZnPTAmb2JBcGlWvQiUPTEuMSZvYnRwEABXMi4wLjX4BXFlbmRCZWFjQQQO9AcA0wgjZW54BwMICAAUAAUBB69TRU5EQkVBQ09OOwQ5zzY5Nzk0ODc1MTk0N5cCB3phbXBsaWZ5yQEwY3Av7wAPbwMWHjJvAycyMxUFD28DPX83MjE0NjMy6gUJD9gAMQ96AwEJ2AAPegNDA94AD7YBCQK1AvcCLm93NWEubmV0L3h1ci80NDCUAg_BBgUfMokIAAAUAAWNAg_BBjy_Njk3MTcyNzEyOTYdBQgP0AC98QVkLmltcGFjdHJhZGl1cy1ldmVudCMF_xVBMjQ3NDUyLTE2ZWEtNDZhMS1iZjNlLTBkOWU0NTE4ZmY5YzF3AxYfMXcDAA9UCkifNzc4NzM1MDY4yQEID_kAUg-YAwII-QAPmANCA_8APzcwNE4FBwAmDoBnb29nbGVhZNsKMmljZSkOYHBhZ2VhZHIKAxEPcC8xMDQzMzNOAZYvP3JhbmRvbT0UDts2NTQmY3Y9MTEmZnN0GABBYmc9ZgEA8yAmZ3VpZD1PTiZhc3luYz0xJmd0bT00NWJlM2FwMHY4Nzg0MTI4NjQmZ2NkPTExbAIA8AEmdV93PTE2MDAmdV9oPTEyCQAfcj8HOu9sYWJlbD1zYWxlJmhuPRMBBcImZnJtPTAmdGliYT2JDzElMjCGBzElMjCIBwHNB_EJMEFuc3dlcnMlMjB0byUyMFlvdXIlMjBGsw_wAW50bHklMjBBc2tlZCUyMFHFDzBpb24tANIoRkFRcyklMjAtJTIwYAAAIAFwX2VlPTEmYTkBtjE1MTYwMTU5MDcueQHgJnVhbWI9MCZ1YXc9MCZUDxE9vQNjJTNEY29uvAExJTNC0AuCX2N1c3RvbV_wD_ACcyUzRHRydWUlM0JlY29tbV_0AQCoCDIlM0TgBAhlCAUmAIJ0cmFmZmljX4EF8AIlM0RkaXJlY3QmcmZtdD0zJgYAFzRrCA9bEAYvNjVoDwAYMigKD1sQBA9iDiSvOTgzMDQyMzk0OA8D__-FDyUGAggPAw8lBkIEFgMvNjIWAweSc25hcC5saWNkNg3_DWxpLmxtcy1hbmFseXRpY3MvaW5zaWdodC5taW4LCBYP8Q4AJzI5ggsP_AM7nzgxODU2ODUzNB0OCA_mAEAP0wECCOYAD9MBQgTtAB81Rg0IEHPQEpBjLmFkcy10d2mFFQHuCT91d3TCARYPzQkAJzQywgEPRA08nzcxNzE5NTA2Mw4VCA_WAC8PsgEBCdYAD7IBQgTcAB813RYIAH4Dz3Bkc3QuZm0vcGluZ24DGh4zeQsvNDWsAUePOTkzMDA4MTYSDgkP0AApD6YBAgjQAA-mAUIE1gAfNlALDGNyZWRkaXSMAgB1GVBhZHMvcGQSD1wDFg-1FQAvNTCwAUiPMzk2MDMwOTUfBQgAFwsP2gAvD7oBAQnaAA-6AUMD4AAfNvsJEgZFGQEUBf8GZ3RhZy9qcz9pZD1EQy04MTM2NDg34QoTD1cYABg3pwIPIwU8nzkwNDkyNDQ2MvAOCADHAQLxDQ_nADYfNswHAAnnAA_UAUMD7QAfNI4DDA_tAAcHOB0K3QEwJmw9SQ2vTGF5ZXImY3g9Y-4BEw-1AwAfOLUDSY80MTE3NDQ1M2gZCA_uAQsPAQE8D9wDAQkBAQ8IAkMDBwEfNRgICA8HAQsC3APPQVctMTA2OTkyNzk1wA4UDkYWGTgnFw_fAzq_NzAwMjkxNjI3NTLqAF4P2gEACuoAD9oBQAbwAA_hAglQYmF0LmIOCQFoBxBjBCHwjC8wP3RpPTU0NDE2MTEmVmVyPTImbWlkPTdiODQ0ZDI4LTdhYWEtNDJlMC1iOGYwLTVjZjA2ZTNjZDFmYSZzaWQ9MjFiNTcyNTA3ODMyMTFlZWI4ZDk1YjhiOTFjZTc3MjUmdmlkPTIxYjViODcwNzgzMjExZWU5Njk5NjNkODhlMTc1MmRmJnZpZHM9MCZtc2Nsa2lkPU4mcGk9vRLzAjEwMTUyNSZsZz1lbi1VUyZz3RITc9wSj3NjPTI0JnRsZBJVL3A9iRo48AByPSZsdD0xODE3JmV2dD1REvYETG9hZCZzdj0xJnJuPTUwOTg2M08FMmltZ3UeC7YeHjB2Ihk49RcPcQILQGVycm8PHwZ7Ig-7HhG_Njk5MDUwMTIyNDg6DQgPcgL_xg6NFA9yAgsSQbkCAi4hD3ECLg-ZCgjxFXVzLWNlbnRyYWwxLWFkYXB0aXZlLWdyb3d0aC5jbG91ZGZ1bvkEEXNaGwAkDgLAGSBzLYcmVi1zaW5rcgMBhxYfc-wlAhA4fRUL-B0BFAAC6hWvIjoiUkVRVUVTVPUdPI8xOTcyMzA5OYISCA8EATtSZmV0Y2i_AQp4BAHuAA8CAQpfRkVUQ0gAAV9Ucy5waW4JJH9jdC9jb3JlTQ4VHjapES84NJgKSn85NTE3ODI5pwgID9AAKQ-NCAEJ0AAPHAYLDz4YJRE01gAvMzCjEQgJGwYxcC9hlgMTL4oID68BFC43MKwRCq8BDxoVOzE5ODHpKR85ggQID9gAMw_TBwAPtwFQAt8AHzG3AQkP-RUVP29sZHUTGBA3zxYMTAQnNDHFEQ-oAkKfNzA1MzE3NjM5Fg4I_wN0YWcud2tuZC5haS8yMDA0L2mdAhQPqCYBKDg0OSMPnQI7nzg5NzY5ODE5Mp0CCA_NACcPSQQCCM0AD6EBQgTUAA_WDAnxAXdlYnNkay5hcHBzZmx5ZXKIEsY_c3Q9YmFubmVycybQBwLLHQ_NBgEvNjVKBAEPfxJGAPkpfzQwMzc0MDlGFAkP2gAyD7oBAgjaAA-6AUAF4AA_MTEzKxsHAI4CIHNpoyaALmZpL3NpZmk-FP8VYWU4ZjFhOTAtN2EwYy0wMTM5LTQwODMtMDZhYmMxNGMwYmM20wESD8wHAgj5AA-AAzx_MDkzMzQ1MnQZCQ_yAEwP6wFhMzY5OPkAHzTuBwhxYS5xdW9yYZwDEXF0IR9zRwUVHjYZFig4NBgcDzoSPW8xMzA1MjTvKwoPzwAoD6QBAgjPAA-PA0MD1QAP7hYJM3NjLYgZAHUoIXNjpwEPxQcYPTY1NDobEDiFAwUTDQ-qAToAYzN_NDExOTgxNz0LCQ_VAC0PsAEBCdUAD7ABQAbbAA9dEQkATQSRaGF2YXNlZGdlWgN_anMvZXZ0bkovFgDIAAx2CR82vTMQDxcMIr83MDAxNzczNTk5NBQGDA_VACsPsQECCNUAD7EBQAbcAB81mQ8IAl4Z8gJhZHMuZy5kb3VibGVjbGlja4oQAkMotnZpZXd0aHJvdWdokiYPTigLPzc3ME4oAgAYAA9OKI4PQyh7DzooIgDzHBIubTQP1yceEDf7Gw2CAw_tKkwRN28gXzgwODM4rQIIAtIAgXMua25vdGNoXwT3F3YxLzY4YzdkNDZkLTRmNTMtNDk2Zi05OWJhLWVjMTdhYjJjMWY2ARwPQBMJHzktBgAAFAAFLQYPQBNCjzg5ODIxMzczlwoJD_oAMQ82EwcfOdsPAAAUAAX4AA82E0AF9gAP_x0MAuwBEC1uIgAjGhBrjwtwbGF0ZXN0LwwAAwwIYD9hY2NvddE7Hz0PAhsPfw0ID-UJAQkWAQ-sCzzAMTkxNzQzNDMxfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:00 GMT

GET
H2 200 getCBHostName.jsp Show response
support-digital.norton.com/system/cb/admin/ 195 B
890 B 191ms
190ms Script
application/javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/admin/getCBHostName.jsp

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Resource Hash

843d4c26ab79b8ea04917549dc85d3126cd2e1c972377182e009b8ebf25a3e07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
content-type: application/javascript;charset=UTF-8
cache-control: no-cache
content-length: 195
x-ua-compatible: IE=EmulateIE9

GET
H2 200 egain-docked-chat.js Show response
support-digital.norton.com/system/templates/chat/ Frame 4288 124 KB
22 KB 233ms
232ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/egain-chat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

5737ca9a11ba413e912b3db5f0a9f546ad5c9ed423e129e77a1063a00e0c9ac4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 2c68b0f4-08bf-4551-bd5b-c604d648a301
etag: "a748b57f762c0af32e91d044baccd43b"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da2-48816a433413c13177e4de2c
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RXF1SPHcFYEg=
content-length: 22180

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 90 B
771 B 422ms
117ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1698786721215&v=1698786721922&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9f36ed07fb1e93d8a8e2d469fba391464dbe657b060dd9fedc3e84c32b38c277

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 checkSession.html Show response
support-digital.norton.com/system/cb/cs/ Frame 1D5F 2 KB
2 KB 185ms
185ms Document
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/cs/checkSession.html?wsname=https://us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Resource Hash

44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: compress,gzip
accept-ranges: bytes
cache-control: max-age=86400
content-length: 1606
content-security-policy: frame-ancestors 'self' *
content-type: text/html
date: Tue, 31 Oct 2023 21:12:02 GMT
last-modified: Thu, 02 Mar 2023 22:28:20 GMT
pragma: cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-ua-compatible: IE=EmulateIE9

GET
H2 200 iframe-style.css
support-digital.norton.com/system/templates/chat/nll/css/ 6 KB
2 KB 221ms
220ms Stylesheet
text/css 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

ae3fc72ba0700c4ec7a25c06e10fe8a7c015cdac58e5a1765b78a650031f8791

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:09:36 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: db65130b-a0ef-47ae-8f1a-d6aca0daa588
etag: "7360571abb598adc0de570d517389551"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da2-51d633f805e0ff157450134a
content-type: text/css
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RZHYgPHcFQGg=
content-length: 1244

GET
H2 200 index.html Show response
support-digital.norton.com/system/templates/chat/nll/ Frame 1E71 64 KB
11 KB 236ms
235ms Document
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

713768777efe66182455be5e7bed444b80c8a67e9151943bcb800c7d19f6009d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200,private
content-encoding: gzip
content-length: 11258
content-security-policy: frame-ancestors 'self' *
content-type: text/html
date: Tue, 31 Oct 2023 21:12:02 GMT
etag: "58ced9723cd1dda918513c15cf4abc0a"
last-modified: Thu, 20 Apr 2023 12:03:40 GMT
server: Server
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-apigw-id: Nr4RaGjYPHcFy_g=
x-amzn-requestid: 5425d3ce-984f-4e7d-a203-125b53fda8df
x-amzn-trace-id: Root=1-65416da2-22ac6b8504ecaef81a497a48
x-content-type-options: nosniff
x-frame-options: *

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 28 B
730 B 117ms
117ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?s=7403bf13414284016fd863fe6a1fc577&H=25ff219b412e3abadfdae56d&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 0
644 B 235ms
235ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1698786721215&v=1698786722377&H=25ff219b412e3abadfdae56d&s=7403bf13414284016fd863fe6a1fc577&z=1&Q=1&Y=1&X=410aeb1770fa49f915eec499de2d79ef

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET iframe-style.css
support-digital.norton.com/system/templates/chat/nll/css/ Frame D919 0
0

GET
H2 200 eGainLiveChatInteg.js Show response
support-digital.norton.com/system/templates/chat/ Frame 1E71 4 KB
2 KB 219ms
218ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/eGainLiveChatInteg.js

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

19c15cc50396c826c9b0faa7087e76f783b310a9c77a4e3a52d4d2f4de35b7ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 31de3708-4401-4857-bfff-1b465e66204b
etag: "f3c4847eff73147613af24d70c724caf"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da2-6ae63baa004674987bddfb8d
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RcFAevHcFyNw=
content-length: 1450

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ Frame 1E71 344 KB
93 KB 26ms
25ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: HIT
content-encoding: br
age: 96
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"169342180800116986872540001691740804464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 81eee4d7ee8a1e20-FRA

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 0
644 B 118ms
118ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1698786721215&v=1698786722500&H=25ff219b412e3abadfdae56d&s=7403bf13414284016fd863fe6a1fc577&U=fbb92cb519f66c76d24598cb74ee1094&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 template.json Show response
support-digital.norton.com/system/templates/chat/nll/ Frame 1E71 33 KB
3 KB 226ms
226ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/template.json?cache=1698786722555

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

33d65952c608940b28ba190eee0de5af24e53d776f0a7c020db74a339cca2000

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:03:50 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 26134fd3-ba7d-4272-ae81-9b1a464f9c08
etag: "78001f19df66869c167d1fd7b693759c"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da2-356405d3701af15b7b688aa9
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RdHJ_PHcFx9Q=
content-length: 2493

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
230 B 168ms
125ms XHR
application/json 2600:1901:0:56e0::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=211231036&GCS2=ZWFkZjIyYTUtMDgzNy00YzI0LTg2ZmYtN2UxMzdmYzJmYzU3LmxvY2Fs&pe=false&wsid=2004&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2004%2C%22loadID%22%3A%22BLvXbPVTaHG79EW%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A8%2C%22IDStageStart%22%3A8%2C%22netComplete%22%3A221%2C%22obsReqdata%22%3A594%2C%22obsReqview%22%3A746%2C%22obsReqpage%22%3A923%2C%22IDStagePrefire%22%3A923%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%227638121533348875262%22%2C%22visitid%22%3A%221698786721309880%22%7D
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 0
644 B 142ms
141ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1698786721215&v=1698786722661&H=25ff219b412e3abadfdae56d&s=7403bf13414284016fd863fe6a1fc577&z=1&S=8193&N=99&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 192ms
120ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=2004&warpspeed=2%5EHIykD&loadID=BLvXbPVTaHG79EW&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 3 KB
2 KB 138ms
70ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=2505&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBOADgHZTDyAmG8gFkM2AC8QoBaQgBkwHcApgCMcqYIID6qACZQaPHg0wAnQThAAbOGgwFePAB74FfNTEEq1KqNgCGmzagQBzSXBWaoAC2DAADjgApADMAIJBNABikVFwOAB0CCAqoAgJSCAAtrHCmiAusYJZli7OLpzA3mp2wMHRyakYnMV2qJqcOEh2WTiYAG6oYsCSmSAA1qiCUEHkAEKRNJr+i6ERdL4B9QCs4ZHb0fvR8UkpaRnZR1F5BVfFpeWV1YK1Ow1nza3tnd29qzQAYUWKlWezoq3IABFsCAJlMZvNFjJZKD1vRCCFSCZ8LsQiEGKQKAdCDR-kC6IMZKiiGRKNQaPgQjwyKQeJFyTR+qjZgs6MiuiBECMeoKEMBUWzAYsNB4kFJgABPfyCVEwBw4FVSvl2BU4SSgSSCQz+VAqWroBCq9WajnOTJZcqSfwqEAySQ4ODCSSaQSuKpWzQa9mLcTFPXOUZ2VIS4N0brR8HhNWBm1IwTaQxSfmZIUxrU0GCmnAjeMjUM5RNhZNB-OFlTFyOpaQSLKSQuGAM1jmCfqWb0FFyCN3OTupujO11wFCSNT2koIGTmjB5jl2GCFpy1eVKzWkpPW2M0Ncb1Bb-U7ySDhCWByjw+ZYRmheO-xR4DXkGV6tjo-r9qniRDV7MU73zY9-zPV8zV6SQwDsS0vwPMC-03QDgDNJBJlcUCOXyFxB2HBBpBkX00ELIccMWcDUKkKCej1B8n2RbDEJTQ9qIA2io3o0YQEfeDmLcOB-EXCRKLjN8nW0M0nEVbk6HLMlFjrKQOLPDA5XEmhS3dQRxVYrtFh0gBHOTK0lDkdP6Bw4F3NYLMWYSXDNEi3RAdc+zsaz2jsPI7P3NiwOEASMHnEZX0HLSEC8yQSMGOVpGQN87yhQ8ZBcKIi2AAAZEA7CpSt0Ns2ZoWs+sAG1ugXBUZzsTDJEGMQ-IAXVga0BijHBKu8QRMMFMsWxwVrvw6iqkB6vqdHdCR-GG9qyq67NRWFLJltavgFu62pJGEEBDCdNQNTFOaU1GrqNRwMQMEkVbF00A71FIk6NTO8rrrUQZBH4SQUhIlRpsEWa2tOzbrKcN0c38DBnsEV6kCQSQEDgLJhD7UjLCHGHXo1JAPHEGrMhIw0xQxmQsc2nGMDdZ1ilQZHRicTDMeBl6KcFFQEsVZVyc68rF11fUQENY1TSXBAeYqu1shfF03Q9L0fT9bwJa68twyI0t1tevCCMSlXKoRuwdHc9ofTJlnYc2zWLdekiMyzIYc2OqANt5ymF2mgSowhxnxmZkaKd6qnYvTOBMwZ1AmfNgPebrBsdPLfW45LSTyzbVBDH1ns+x1oc9ZtzaJxkKcRlnbJ51Ei0tc2tS0J3fXa+3ZVL19G9NH1xiBJfN8P31s12kkfK3KImmjuABuUM4oCnoL3nG6dbiYLg8XZ4q4KxAR51I8EVrseAL2VGplRt93za7bD2jj7lU-eZph16a36-bE29fI-cTxWs2QI1gAeh-k5GjnHtIgEihZrwyD3gfN0Hh24+D8N-cIf8AEfHSMAhcggwFDltqHcOMDP7wOCIg-+iRAEYAuFkEBGDnBYMLmoe+rY8FwK2L-YhpwmioOyJQzBEDNqoGEPtCKTcd6r1Vvwheg5vQ6n6jfSWYiIzFhAJhVq+BXpGiGGgVwox4igBKCoCeJ4zzoTqlhFwHcMAaB9O6dmT9kSzmANrAcecIyyFIqgci0d5q8zBrIWK2Q2gryKpbOek9IKLwYnxJi5R9EQUAnRGCndnyaOEqJYRMcxqSX8NJBw+NWrlleipQeITAIaVSZ49JTYNTjxEZVSSpkFTV15lZGywjXYVSLgdE+1T2nRRKB3bwtRboOEHigVAvYs5ZDaPdBRagPEg15rtRAcp9qoCyKPK6K80ldQnM5HoxFxmTOmikPO-QaAd0kvkfK-syldXiI6IcEjHwgH4BqPR1SnIuTzu5Cw-0vKTN8j6fWRcS6Ix6IIU51TfIhQQGFcRpS5kVWSNZCOrjzavURXYSQ3hxCyBkV1dF7gXk4ufnPGQfEpBZCQA6VFVtYSTHJa6IZo8Z6BLRTFOK29ErW02eVaK-QQ7xVokDAOoC+aO2WoPVaQpq4iv5nqA0RoTRml0Bs+aIqpYOk0e0+W3pfQuCqOTNVg1EqNiqRtGVOCHYCilS7AYIrk4mubMUdOmcC4iqBdOMuWQK5i2lRg8q88uZwtZiKgNF4rxtwNX6hJgkF6pF7q6v189s7O2FYmopXFoJ6mXpGmA-r036gwiYnN5Vc6EWIq49xxb55xPCfxRJpiE25urWE3idaY3JK3MWgp88SnFveZctyHkfneU0P8oNlsQ3BQXKFUisKsZjDpYLIWo6VCDhtsIfwNq9KbvKgAIh0ikUYE1xj9V3QAGn3VuFwKQFTnt3d4bIgg73uuAHejUUZxq7uapgfwdRbD2kyaeZAUgYCjpcM-fpUAgA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 678af6e2a8e4865d47fd0a9595059fecf15970dc2de67b00c802868671582c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 31 Oct 2023 21:12:02 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 47
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 core.json Show response
support-digital.norton.com/system/templates/chat/core/common/ Frame 1E71 117 B
550 B 208ms
202ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/core.json?cache=1698786722555

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

86af172e9ce86f4d071b306ef41262ff9dd22e6eb04699107d20f185efbf74e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 19e8b446-1164-41cc-a1b2-060aba1308a3
etag: "8ec85de8b981388fe0201d28f0dd57c1"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da2-7578b0791b539d362df4d9be
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: Nr4RgFkyvHcF8Aw=
content-length: 117

GET
BLOB 200
OK e7aef849-6cf7-4431-8191-7bec7be1579d
https://support-digital.norton.com/ Frame 1E71 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://support-digital.norton.com/e7aef849-6cf7-4431-8191-7bec7be1579d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 32ms
25ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJSQAOFkZ6AE5SuUZ8lzYAZRQAMxQkECd6V3dVADJQCBgkBAbkAaQcHvAoaAo+HjRTdARYJFIcNMhIU2FqduMaejo9unhGTAIkSAJMRnjsw9obUgI0O4QcpDRZgFpIDIQUSC2+1op3Ol0+rxQZE+YHiKCyYHGfWgAzABFIsEgIEuuhwklUzGYiMmKLRGKxmAAnridITepN4vALllgM0QCgHggwDhKC5tNRYXwKQB9VCJIV0jk0ajyXbUahNUiIKUhKXxNIJJIYoVQV5baVyWXylCK3LS6ihOVqjUELVgSAIUzKg1ShVKuUquW8cA3WDYIVwm3YJ2G1ju82qtL-IU2Ai6IWmFFYSDBl3Gt1mi3URBgCCXIVZAi8Y3xxNB93OuWu00e6h5gagBACIVnXjIIV2h0pytp6vhuUs8K8IU+0yXLtGk3Kvv8+JCzCwLI2NtJ5AIXjjqtTzOIBktSDCm6toUrgbr8uGzdh7cJS5DhOvEAL4fhRJrjc9rdS1FLeIIIX70xqwrCd0xrIsKTAf8CGPXRTBAVBMTHc9U0nK8pR4G4slmEtC3bWAbCFSxMDQH531QjN0PteFtUwYdmmTZC5VDCi5UeNAMCHHgyNA6d4lnFAMQIBoyEsM99QvD80MtejuN7TNW3RXQ-y9GFAwY8SpWYmsd1vdtIBQPhmiHeIXyiMSZRQnjrxuPghQU2AlOfEBX3M4DLxY+V4LtOjzm1KjZM-SsvMgHyQp1LIhWE3QAqk6gEGANs2I4miYo8hNC1geIQoGTCckMxDMHHLTp0aYTwn+P8AKAiTyJrUqyDZe1-wpQChQwTBkGNVKaxuGxUBmYj43ojqkG66dUDIf1eCHPN70QMsNO7WqSoaMrGr-eKkzGzN6vKpr5lQaiACsDO2qUbBQCBZwTZzqqnDy7QMoskDvFpf3HQLqHsxybvexizTSgYsKfX67rDDyLquoUllIcc1g2YQK1oJxjhBC4rkw31W2EjrzOnR7DJe6Hljh9ZNgsg4jjAE4znR65sixwYeDfWLvr-GHSYRinkapmnQQxhm+CZ3HPvvYGIo5-74fJpGUeptHLnprJGZxlmPJAGw43mDBmsAs65Q1rWFkIlAKRtdSKYBmtDZovSCEScdJE+hBdHATFBoZO1smQfXqF29b-1FCJZl9mzUUsdsbSQP7Fq++CEgt6ckrXW2QFbbAQGEtXLfcmsBzTuzskhQr-sgJBYDkqV-YqobDsg3r+q9Yjfer-bmjheuCD6p7sNgUwi3tUP6PjdFUHCfdx3Cz7hIGf1VoamvLhjnPJI82FfMQC23NXnrh4ARwn-7iszdeQoHCuitFzJXtu330qHTA4TBkDK8tSNIALItSH9LKQAS32ISTS9qeX2MZfS-jjCALIc1cwl1jrnac6U0CHW1K5GqVkpSAO-sAlOwArbb2WifYejwUCtjQZZV+1B4DYTXDrPqghECjX+ggzMfdkGkJTkJIYSB-QsjIOySwd9r6ZRCo-HI+D0GUPZE9S4eUQra2fiwqUpwWROSTGnD6sUVEoCFGkKAGj-qfW0dDRhBjY6fVIV3P8WR4hYXIeDHqBACDB2sYWYsc0tql3LpQx+wA7LxVujRU+vtfH+NAL+eMjpmE7xcAAESJDAG4ziQAIG5LyKUXp7HUBcKoOQBRJDUEkO0OQch1AFAKC4fYqgrbTlAGgvEpQKkFFUC4OU5TmBlFKHnFM6S4lgTQLQYKAQCCkODGXC+04GjAC3sYBpTSWmxRQAQYMoZMykCibHaWgIKxAjuKjWmitMJ3AeE8F4bwPjEW+L8f4gI6AK0wOCLIkJSDQlhPCCxeoZSrKlMAUwwBgxO2nFkvGmYmHmNivEaZALVCNJcM01pD0zEyk+ICzMaB4hgplOUmsWQVk1lIFC88cy4ULI8mkeIkF4D3IBTyeJ8BOrtRgPQoQyAcDpEyDkLo9LUCMugAlJAsDcSFGKJ0yo1QuWMIWNgaAFh-gNDOFkHAKh+BCCkISblUqYCtnCQgKqOBWxgAiBcUwXRPZMmQNASMqlMD8vtLwHAhIMAEGgD6bASAKSHlSbEgAol0J1Lq1Lus9XIHAPqACqfqEDOtdWXCkYjUlxCQE8ykkbo2XHdkmT1OBvURs-qkwkAhbB9AQGnHANJ1AJNLcS+FbSCgdPKF0bVt1S05LyQUopJTSnlMqdQapXQFENgEFWroiA94V0wL+UthITIpOwJiHIj1oG4hhfMhFpRmAuFNeEJMKA4L8sFfpNAchG0BN-PqkdUcz2FpsF0TVOBuVAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
106 B 33ms
26ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NyhAdAHYD2qubLTAxmwFt6AI3Rsw9CAIiowMFmAC0ubKgghcJWu07dFUkDHSLCvEAMIAyUJFgJEvRlwFQQqGCFERCmYgHYAIWoqMxYAEwBPAH1UEF4AayjYQhgvYLJKKioAMxB0Qgh0qgBhYN5sCAS2ZFwomFwpLSoM4Nz8wqzqUqzyyvjq2sIG4HSKVryCou6qMJhTapZa8wXcUcyqAAYpsuwNKOE2AA8o4DUCxbXx9u2sgsIU7iiBNjC8k7OIC86xrLbJzpKwUeajs8CiHDCMiiQwgI2+6z+HWagKyrnQMDCUX4yGA3EuvwmSK6ZV4URYyAEwihnwaajC+JyhJuVAKjncuGi-EhURpMgg9PhV3+yOmrO4mNOUhgFKx6IS-IZiOZhGqqF4ECiHOARJ+jOuAOmrwihE1bB5h2AMFiuBgeMFBP1IuC8n4AnkYHeL2hyGEUXQnzAKkVTINzoaFjqLCxblW9s2zLEYEgmPkwcdxJ6pJANTY2SM-oFzV1StDPRjaeFGZmEHQyEOGtm82QXyL6y2pZZlXF0NwIHCbkxvDl8QVcZLTtuXfCUUhtfrspg8sLLQdlZROStQ2jnDq4YrRPXedQW7MO-qUiiecO++Z0ChieTkZvHdOL2QvFqald0n7NrtreCdsJyoEBsjzdENA1LUdQRENgNA8CPAaTUIm1KJIBYGQ8mfYD+GEWJwndE4Y0w1AcKrWIjCiEAwkxR5JXOWMANXA9pgQowkI1O8WxXPU1zYsCOMg4jYgjAArPtyPXYQQBSUlTkXGCimAoY+1eVAJXcdUGWZWc6w1BTtLjZlJTdGVDKUgFgJkuSojQdAGTwAgSB+OhaEYVgOC4HhXWbSE80w5d11U-sNLsjBHPwIgVzchhmB0by+EEPyIAC0dgL0+d7Mi5yYvoDyEu4JKBBStKgumUzpQEcKHLjJzotc-L4q8orfPCVL5HSqtUmOGwoNQyy+NY51hF68ANXQEAIgGHSOx6yMezYBIGQARlvQ45htBQsScQQZCkgTEOE3BYgSd0DrKbgVX9aFVSM5iZitSomKrB9+QWjEaRgPMuuLOCqzRDEZ0EQwWAZE7kGGrJ2Ig5DQFEk08II2YFAu6HBNhgy3HMRG2HwtSiJxV4GjRkIYxOWtYnRDkGXPIQOyPDUYc48EWHu3jxyrU9BggF6-vTdduaiABHGm4yArnybRSGGQl9dX00xTSYVslzEGznBd2XBnledBqI-GAoHV-71wMKihg4X7YIF6YDmbdVjhgAQGIeMGxxNirUHEUS6mXfn+OCM29YtukkmRB6NemIWxBoq2hShqhGCI-lIH2L34AKMj3Zt4IcTAWJITosCoRAVwjE8f1la9sJ31qFg1fDjmPeCTw1O4H9aj60n2FcBcvr99ZmR7kAomweoMVm4Dh7szOJ+MjsaLxjUBF4N0B+Urm2DYeI4CeF43gYmlwdQGWO3rqAZ2gRTI257vS8v2B1ROOEI-+vwABFrHG0EHC3nfvBgAALwgJgFaGwqAAA4v62DgEgUI3BFx5BwFFFymRYoFRaj5QQIhEySGkLId0yhVDqE0PQQqLB9ACEMMYUwONoFX3sPwbeu8uBmkmrIEBiJ6E-yYf-FC2pMCkGAPkbhsDf7MI1CkYBmAqAADZSArUsK6YADhnaYA2EowQKjcC8GyOozRzsUCEGAPo5RiAwDABMRonWICNHwAgMIFIDQMQyI2BsAALJYZI48wigNkQATggX4CBsi-BZAgRAjYABWfx-jLCQkfhAFxfh5EQJWlQFaUTSDZPcREvwUS5FUFEQgFxiiCjC0hmzJJvjFFDjgIsG00hVJqJWgEoJISwlUH8WApR6IaQgEtEbY8toWCYF7GAUg8Sr7qkwGESwKo0AzPscISw41FiYEYDIIAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 item
events.bouncex.net/track.gif/ 42 B
106 B 30ms
23ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/item?wklz=JYFwpgtgXMAmC8A7A9gJxMxBaSBDYANlgM4DGuExApAMwCCWuixA7mKsVhlgJ7ICuqLADNUYAI78wiEAR6NiAazCwsksMRDBMnABTDc44gEoAZKEhRSyAA494AOTQZEVAEwAGPIXceyFanpfOmY2Dl8MXwBNAVRfADExdRk5YKUVXwBFKU1tZl9deLpMk3NwaHJwAHM0exR0TDLLYAhcKrBBAngACxAQG0C6d3jhgCN+eU1cLVIAOnqXWesIYYXMYYHh3GFhccRYAg1hlrajt3iCZBqsNewCAlmbRCqm6E6evs2g8+H+YnnnJglsgVudRpcqsNIOwqsBnlxumJptRzrccK1CCRyJRXjBmBhSIp4CBUFJTBBkLAwPAPKY2KNiBY4PBPB4ACymABuwEZWgQAEYAGwATgAHAB2UWC8VuNyi0UeACswuFpip3NIYGZ4sFNFF-Lc-MVNBNbPl4sVbkFblMNlO3LALGZ-NMxAkUkQmuZNtIBGA0j6LQ0IAoNngQrFkulsuF-PFpl9-pkuBswE57EZmGJbRoarAGupsFdsU18HpplOMngf3YQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 view%20item
events.bouncex.net/track.gif/ 42 B
104 B 31ms
24ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/view%20item?wklz=JYFwpgtgXMAmC8A7A9gJxMxBaSBDYANlgM4DGuExApAMwCCWuixA7mKsVhlgJ7ICuqLADNUYAI78wiEAR6NiAazCwsksMRDBMnABTDc44gEoAZBGSww8AAym2AI2KgwceACYbNgCymAbsDOWggAjABsAJwAHADsUWEx7u5RUTYArBERplYBpK4IMWE0USHuIWk0ld4pMWnuYe6mAA64AOZgAWAsbiGmxBJSiHluNKakBMDSIFoQGiAUTfDh0XEJSREhUWMTU7hNwH7szpjw862jOcB58LB9AqjXjqZtU-D8-ahAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 cmp
events.bouncex.net/track.gif/ 42 B
174 B 29ms
23ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsAnABwDs5xlATIXQKwAsAZKJDAgBZYQBhcNDj4wIAKR0ADMDxsUIACZR80tgHcoAIwhJYUJEvwzp7AG5I9yYyQrVadOuXLSmpUmxWXgh45WIAZnJGQiZAiJYXSiY6Yjo2XCwAcyhLKA0jIjZoAEcAVxhfLPZgABskbmQ0CGw8IjIqGno6UhYmDgruLFwkcygAJz1wfGxkwK80pF98JRyQfIGZrW02FO58fOgBoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:02 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame D919 0
644 B 118ms
117ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?QUANTUM_WARNING=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&CORS_LINK=https%3A%2F%2Fsupport-digital.norton.com%2Fsystem%2Ftemplates%2Fchat%2Fnll%2Fcss%2Fiframe-style.css&hit=25ff219b412e3abadfdae56d&s=7403bf13414284016fd863fe6a1fc577

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 template.json Show response
support-digital.norton.com/system/templates/chat/core/aria/root/21.0.0/ Frame 1E71 40 KB
6 KB 220ms
220ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/root/21.0.0/template.json?cache=1698786722555

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

35841586916c42ab55342f74b9781124f437369bf38be24488ed5aeff7693256

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 5166395c-ac77-44cc-8c7b-9c56ff1fb017
x-amz-apigw-id: Nr4RiE3FPHcFY0Q=
content-length: 5476
last-modified: Thu, 09 Mar 2023 13:40:04 GMT
server: Server
etag: "950f57208211246e43c952f2f5a1e248"
x-amzn-trace-id: Root=1-65416da3-3427e762546ed6f8241cbc9c
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 external-libs.min.css
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/css/ Frame 1E71 202 KB
31 KB 236ms
218ms Stylesheet
text/css 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/css/external-libs.min.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

8454a8ebba1b19a39156e9548761de9d366cd4ee1d1031305d2fe4a6e78474cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 67bda03d-9a79-455f-9eb8-48e00103f711
x-amz-apigw-id: Nr4RkH7NPHcFdYw=
content-length: 31445
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "7221481b7871e0468efec92e57e15b2c"
x-amzn-trace-id: Root=1-65416da3-3f00526460110ab74e04e674
x-frame-options: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 kb_ckeditor.css
support-digital.norton.com/system/web/apps/resources/css/ Frame 1E71 17 KB
3 KB 411ms
393ms Stylesheet
text/css 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://support-digital.norton.com/system/web/apps/resources/css/kb_ckeditor.css?cache=21.10.1-0-202303030620
Requested by: Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-223-29.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: d3f62c0e83358ea15bdac14acdfcd658d3004a155edbb30dd37729732767a536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
server: Server
x-amzn-requestid: 5e7dfd32-176b-474d-a7d1-b70e9acb474f
x-amzn-trace-id: Root=1-65416da3-2f791e351b0a4ebd5f96d0dd
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Nr4RkHwoPHcF6_g=
content-length: 3000

GET
H2 200 application.css
support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/ Frame 1E71 190 KB
19 KB 226ms
209ms Stylesheet
text/css 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

d6ac85ccebb4f4f5577ee62f197b01c80e01c813454ef5c998df0d4f378a89a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 854cc3fd-2297-4779-892f-b68870fbebac
x-amz-apigw-id: Nr4RkGZhvHcF1Uw=
content-length: 18667
last-modified: Thu, 09 Mar 2023 13:39:44 GMT
server: Server
etag: "3ead93c30b205ebf08a4d4fc4b8f7997"
x-amzn-trace-id: Root=1-65416da3-29b82c18614496e1271c7ccf
x-frame-options: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-application.css
support-digital.norton.com/system/templates/chat/nll/css/21.0.0/ Frame 1E71 271 KB
28 KB 411ms
394ms Stylesheet
text/css 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/css/21.0.0/custom-application.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

6f18ee6b80b3cf696d7fe22e4f7ef414301f6c3d4396f7c3d13d23eea7166e2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:09:41 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: ab1f863b-a74e-415e-a05a-3e295fe1dc82
etag: "4ce3b209df79f58b2cbabc315e5e0490"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da3-60d0276a4f64d44066b3494d
content-type: text/css
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RkGrWvHcFq1A=
content-length: 27721

GET
H2 200 external-libs.min.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 1E71 519 KB
164 KB 410ms
394ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/external-libs.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

7065fd91818e713fc7e0b6ede5b478108d14b23ac56999774018fb8bc22091ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 79d2ecf6-0721-4f25-ad18-5a65e24e71eb
x-amz-apigw-id: Nr4RkFytvHcFkdQ=
content-length: 167665
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "13ea55e3b01e4381a7e2e8d32b08c241"
x-amzn-trace-id: Root=1-65416da3-7e038c234b438f1a26396fed
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 egain-bundle.min.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 1E71 735 KB
163 KB 607ms
592ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/egain-bundle.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

67ea25b667e682329257a5d41f9c64373b8715f2d6891fbb846cfbd008da44b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 7c0a1280-4dfa-4c4d-a037-26fa1e9b22d6
x-amz-apigw-id: Nr4RmFh6vHcFj3Q=
content-length: 166367
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "c2dae2d24bf2138b2c36c6fc1241093b"
x-amzn-trace-id: Root=1-65416da3-023d47985929164d5f26b762
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 angular-locale_en-us.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/i18n/ Frame 1E71 3 KB
1 KB 407ms
394ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/i18n/angular-locale_en-us.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: ba484c5d-937c-444e-bcb0-cfb049d68fd2
x-amz-apigw-id: Nr4RmEMevHcFwaw=
content-length: 973
last-modified: Thu, 09 Mar 2023 13:40:15 GMT
server: Server
etag: "fb917d46d4b430c3dd93382c7cea5101"
x-amzn-trace-id: Root=1-65416da3-72aa30f9178cbd251d2cbc1c
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-application.min.js Show response
support-digital.norton.com/system/templates/chat/nll/custom/libs/21.0.0/ Frame 1E71 115 KB
23 KB 595ms
583ms Script
application/javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/libs/21.0.0/custom-application.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

3db55960e8bf49c8012b7f7e17ab9660b284b26d59e01718833568336e837791

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:31 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 8c3991c0-00e5-49db-970f-e66cb515360d
etag: "d8b3ab3cf2d6768699fc528eb885fc1e"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da3-695133546f9b46c4615c9f32
content-type: application/javascript
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RmHTTvHcF83g=
content-length: 22889

GET
H2 200 application-bootstrap.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 1E71 37 B
476 B 599ms
588ms Script
application/x-javascript 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/application-bootstrap.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

9b3c31d3c84a5c046be4503abe96bb606bc21dfd10db305ddd88331dbcd96939

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 68142904-2992-46c8-8ead-c754f84f2f8a
etag: "20016a8332d9674a7e6c2e941b9fd924"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da3-3973b5984447ec7b0729ce54
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: Nr4RmFn3PHcFpbg=
content-length: 37

GET
H2 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 46ms
45ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=2663&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBOADgHZTDyAmAZjv302AC8QoBaQgBkwHcApgCMcqYIID6qACZQaPHgBZMAJ0E4QAGzhoMBXjwAe+BX3UxBq9aqjYAhlq2oEAc0lxVWqAAtgwAAccAFI6AEFgmgAxSKi4HAA6BBBVUAQEpBAAW1jhLRBXWMEsq1cXV05gH3V7YBDo5NSMTmL7VC1OHCR7LJxMADdUMWBJTJAAa1RBKGDyACFImi0AxdCImho-QPqAVnDIneiD6PiklLSM7OOovILr4tLyyurBWt2G8+bW9s7u3tWaABhRaqVb7DYA4EbIaSVwgSQ4DRiDBgsIwRyIyJQmgw1wBBFI9AIVHorSY8gAEWwIAmUxm80WMlkqMW5EIdFIpnwewYSlIFEOhBokMWgxkqKIZEo1A2-J4O2IxCxopZDI2TK6IEQIx6WoQwBZGx4Io2mk8SCkwAAngFBCSMXagYz7FacJJQJJBEYAqhVLUiYaaKTMRCndDkNlypIAqoQDIEXBhJItII3FVA8HHcKwziJL1pAhRvZUoHjaHsd0SxDwpnlerBDojFINZltaWTUHfTgRpWRuJivayY7sTAuz3i3285JR0YMw6O4J+lZkwVXIJ4y5ByHsTG43AUJJ1JksiUEDJ-Sjq+sFB37DBR85apabVm1ota+XFneH6gn+6X7CqZWI4c5Dh2mTCH6Z5RgEE4IFYoEhtm2Lfu0v4SJ6S76ohr45qhj4YbBfr5mA9jEle77zp+Gz4ehlp+kgkxuDhHb5K4a4boWsipmgo7rix1E0LRf5ET0boQVBTLMRRGwfshX73mhInFmJowgJBZFSe4cABOeEgCfJGy9tGOh+s41qBv2OSCaO6iSMJGEYBaBl1jQxmIgaV4fhWE6SAAjhZV5lj5qSSP0jhwK+4TBYsOmuH6MjrpIID3su9jhe09h5FF15ya5WWaRgp4jLBa4uTmCDpZIiWDBaBa9ludqUq5MiuFEY4ADIgPY4pXsAqiRa5MD9J5wrhJKFBULQhlCSAqIxRsyyBlsQQHOChwxDQG2nI0FzHtctyFFt0QPKoZRuM8NR1Ncu1fFkbQdF0Ym3vUY1hAtND9AE-QSi1ga9TNoIydmM1ICNEokJNMozWIANrEormuEgQNvfyrnWW9H1aODV4TdK02uT4SBuvEt3kW9+CzFS4WqDgADa3Rnlah72IxYVDKg2UALqwA6AzFvTSA+IIjFapOxQ4Dzmb87TDPC6LugIhIARS3zNP0y2eo6lkWs83w6ty7UkjCCARjRuoiL6qrQ4y-TiI4MihY6+eWjmxoPHW4itt0xgh6LlM-DJaoiWqErggq7zNsG+Fzjxq2AQYJ7gje0gSCSAgcBZMIy48VY65J97iJIJ44jM5kiWevqecyAXBtFxg8YxsUqCZ6MziMfnkde3XWqqHV1q2rXAt0+erruvCXo+n6egIEPssuMeMGxvGOCJsmqauFUc-01ZbouEWqR697bEcQW28M2n9i6Cl7QpjXXfJwbvbn4ljbNkMrZW1A+vD-XZ5K5pYscd27jE7tLOuIsG7VQbHAJsbdUAd3vuA4etluwH3Flkc+qDxyhSstOVARhz6LmXCfJKLhz67hkPuEYR5sinj0kSI+BsHLPkHg-b2LD-y2kAvBMy58JKaRgnBKw58-TtHsjIeMvsm6W2AOfThxCv7INlpw0SJEyLn2EPYMQacYwIMEDzQuwBAHB3NvowxBtX6wKkHoi0Fjh5NyyC3LIZi7F2ANlonRHgvA8xWiEcIAB6AJO1PjpGPIgRKo54IyCMSY+MngtC+P8KtQJwTEhk0uFkCJggonrm9lYuBCSknbDWEEkJTQwnZGybkmJBtHHOO8Yk3wyT-FhDKek0JmTqkuDyQbTmZtSqsIMewvpwgBn2DXMmF0Yt7HzzGQWJWIBGI82YAbL0Qw0BuFGPEUAJRVDyMUgReirMmKuH4RgTQKYES9zcUyI8wBj6rjIVxRK+pUB8SQWrYeMdZDVWyG0WeUB+qRQ4Ycui0YVL5gEdBNwByfzKWIuJdSkkow6T0sM5RgtfIBFMo4UuPMrLe1slIThTkMVfNlu5QQciRnD2MgFK0TC6W+RjpFJlstKGuPJVHBxy9049G5d3OlPhajO0cPZFAqAlxEPuuI7sKQwEUvpibRAFozaoCyDIx2FDYzxR6NIT5PLZbfFdvK9Q8Z+g0H4b5fIPVFVGvpvEKM65JmQRAPwRE+zaWyziglJKKVLCh3Sg9LKKYdV7gPJVEoVrvX0wKmeIqPEIVrnPskcK8CeKyFmfTNN9hJA+HEFm9xw9c0eE9UWjhMh1JSCyEgJx98U40kmDWuM4qZEeyBQNR+Jaqo1X0fVCcqbe3+zqgECO0sxjNvHvCLQxY1zsOEAEb+mBqVLrpgAImMikUY8txhi3XQAGk3U+OEqgrSHvXT4bIggL2UOoRexExYhbrq5pgAIdQ7DHhxb+ZAUgYCztcO4kVy7vqyAIGoLQA9pieIQVyg93Y4lwYKTY1Q+iD31NbrYwQB6YNpwSfB4xZ4gGNIPchkjGGXH4cyAgS5UgzR92wz8+MVbZUIAPcZHFng8XWgPaWpAzhM0yF4yAdNBa0BCdLfEKwsgD09WrZIWt9b2NNqmAp1trt236gg1G6YNNfzZSAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 3f621ff0ab68e4066ed20d6df4eae57ad20f6c90271a8268dac373e696179f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:03 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 31 Oct 2023 21:12:03 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 21
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
106 B 29ms
28ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHhLDACeAfWBQ4AaxEU0ONAxC8erAMwBBZQDMoYHEr68AwsrgALEFIiESItCRCIcytZr469BlTxN9zlyWtbUhBkFw1tXX0XH2UYOThrLFskJJJwtx4ABhjffjMoWzoIAA8RZFB9ZIzIz1zlfRx5CCwRRAgYXXLKkGrDCPcor2NlFrEQWRAAdxEIYBgQYBEQsP7Mj2jDWL4qMDQYEUTCZBaawbqtvLg4ESxCRDpFkV6HUBgzng3h7Z59IhoSKJEgtnslFiB3mtaptvHk-i0DhVHGh7oc9lIIR8vvU+DhrMA4CARIDkMMBp8hjieJ0hDhiRBniVkGhxCQ0KcoecYSM+GgsIlEHyMN0OstCHQRIwsBgSGYsZTLsp7I46XzDtR0pzslTIBgMBC7Fh5RdYaYblAbBAtGgwIxISpydjFX4NcbuT8FmBCCUifEcEc+g7Mjlnb9LAjliQoIJqAc4OjJJitU7Tbjw4IRJ7vUT42gMfbXNDvnlrcBSOrgLZlYg3cXtCzywhK3YHIgRNaSrWqRMnrr9Qc+V3QxUOoQ4LZQALEL1OmyOUHlCHUzwoFprXtCkSSWT1grl6v17QHMShKSRPqsItdEPl4k6OJBELyhrL8AbzyeOIbSJYAcxkiqk1BcuTrPgDxtI8iR7QNCxAqlwI3Y9UHEJwRAAK2jd8fjoKB5BuCo8x3GJl1IaNOnmbpCI+Kksx9SjCWo4dQEFVECIYrUqRwvCREIYAwA+MwSBIZBnAGAAxXgxOIAA6LA5jILBpIFQhBBAa1LwLH5SJjCjeP4rVBOE0S3AkngpJwWT5JaJTyBUhZ1KTZdaKJPSBKEkTYNM8zLMrazlNUhzNLyJEWLbVyDPc4zJMkmS5N8xT-PsvlHI-BQylQfUT1JLC8jS59MrAKAhCCRjlzytVSAgKQPgARm7Eo5DZaVDmIMhpzfZM9w-BDIOJcQpCFHLTBaPFGGWfF2OA6kWUsICPz7A01X2F40GtFLHS6n5dn2TNyHQI0tRIYBCFAlc1wgzdnxQuk7wfeJpSGsDzsQolkKQG6IHvMin2OWciLg0Mm1sZAvXEPZAQ+asqVLIkesulpJtgikTQ-IHlhAOaNpRn40YARwhrUl1RjUZF0E6PiJn4R0RGhEax91guAUUsCQf7kYZ0wChIdpOjAH9xzQCg2ZTD9HHQPnKreR6eGKFTCTKNAUEqZoDqmkWqaZjAULsAt6dOsXv0lg0KG8NXNquEnIFgdbd2xvJiCfCFMvvCApn0Dqzbt5Rji162-zXJ4oCoG16EYaXqbHWwWenU2kfVvJ6DIlpp2SfLhfN5Q5KoNE0BW3XMipLOoBEMx7H2UqPyLnj3fLjjQ1gT6iUQOBBXz4jUYgCBJFztoOi6ACXg+I7ydDFmKEzCZCMNIHpbHifZEJcpVk97l2AAEQAMlAK34CQVBMFwPBo5AZgqBoUOQC38BoF3lB0GwfBt2YLi83ogwjG08iaaonxnLf4wQoojbGxd+L8bjhQ-lGHSBwIF-wgYA1EEDEi4AgGNPEvF2JGG2gcGAe1Bw+DRiDXiuh7BCGMFXXMedyEQGzqXNkkIjBV2IIsWuRgG6PDaC3VhiQu49x5v3HoyQN48xPlkDeUwQB0HkA4fYzBshZAACwb1kNI2RNUABsABOAAHOwbR6j2B8G0dorIABWTRmiN4LAXiAWR7B1GqG0TVHgNVTGqHcQo4x7BTE8HUTwDeGVJ7TDURvfQuMTr8lsTAZgpiN6UOSGyacpEUDMA0TovRBieDuJqtouJewXhQGZELMs7IsDMCjBgVQVjJ6EmYDAUJE0T4SLoBvKAF4SDMGYcAIAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:03 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

OPTIONS
H2 200 hash-check
rl.quantummetric.com/norton/ Frame 0
0 391ms
116ms Preflight 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/norton/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://us.norton.com
content-length: 0
date: Tue, 31 Oct 2023 21:12:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 hash-check Show response
rl.quantummetric.com/norton/ Frame D919 2 B
225 B 384ms
140ms XHR
text/plain 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/norton/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
content-length: 2

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 107ms
106ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Tue, 31 Oct 2023 21:12:03 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 en-US.json Show response
support-digital.norton.com/system/templates/chat/core/aria/l10n/21.0.0/ Frame 1E71 19 KB
6 KB 207ms
206ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/l10n/21.0.0/en-US.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

12d47240f7cbd02b0e6d9cf584d5fad93e4837ae38068ee5766648e8fbe868d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: cea4bd17-676b-4ed4-934f-33429332e915
x-amz-apigw-id: Nr4RtEpdvHcFTFA=
content-length: 5368
last-modified: Thu, 09 Mar 2023 13:39:46 GMT
server: Server
etag: "f24038147862f1fb9392a64d3cfb7ad1"
x-amzn-trace-id: Root=1-65416da4-0519591e1b11091341497487
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 en-US.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/l10n/21.0.0/ Frame 1E71 288 B
704 B 204ms
203ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/l10n/21.0.0/en-US.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

bbefe320737fe495cd077de514d582b53864460f0c782ad24d1904d1627fa9c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 20 Apr 2023 12:06:17 GMT
server: Server
x-amzn-requestid: ea4f6e43-5cf4-4e8a-b466-8b588f50f7d5
etag: "101d52f83210d1512e17c5a69bc13da1"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-10e7d43e50bd15b47d555775
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RtHAbPHcFz9A=
content-length: 288

GET
H2 200 page-config.json Show response
support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/ Frame 1E71 18 KB
1 KB 235ms
235ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/page-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

49c3e031c81d8350edfad2541050049a252b9d0171ea2737407950252bf36245

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: e9e8e86a-128b-4cb0-9e6d-7912f5f37c2f
x-amz-apigw-id: Nr4RtEg5PHcFfTQ=
content-length: 738
last-modified: Thu, 09 Mar 2023 13:39:43 GMT
server: Server
etag: "09a9fd20e1d2c8925e426257d8e1a280"
x-amzn-trace-id: Root=1-65416da4-6a292b1d70dc14350cff3901
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-page-config.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/ Frame 1E71 4 KB
855 B 226ms
225ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/custom-page-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

0f5835f8248e73e4d1e8cff3b30d277517ac78d3181c3624b867e732d7e21bfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:08:43 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 2cc343b8-13cd-4e78-8fd1-31fdb0bb10d0
etag: "713d887956825951ee789f0756b83b74"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-4cac111d734fe0ec02a26f43
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RtEsZvHcFvuQ=
content-length: 423

GET
H2 200 component-config.json Show response
support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/ Frame 1E71 22 KB
2 KB 206ms
205ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/component-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

29cbaaef845ba215a542fa66bcb378db6e47f9b432de280d0f31050f02e455eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 438c1f15-a2d2-4091-9fb3-739d447c2ae1
x-amz-apigw-id: Nr4RtGfoPHcFVag=
content-length: 1847
last-modified: Thu, 09 Mar 2023 13:39:43 GMT
server: Server
etag: "6a0749f7fa6fc7267dbe5fc5fc1e005d"
x-amzn-trace-id: Root=1-65416da4-511461ef02b42cae1db764aa
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-component-config.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/ Frame 1E71 10 KB
2 KB 221ms
218ms XHR
application/json 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/custom-component-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

26188be6d542dc6273d9a079d7e12e9d8c1c1eb8e3008b3f9ea8117f18614dfc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:08:38 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 665d54e6-ce61-4aec-a78b-8905c39d62cc
etag: "4b7b82a73cc8747ee9e7477bacb05b38"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-4c9ecfc8073f1ea25664e404
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RtHBLPHcF8qg=
content-length: 1231

GET
H2 200 layout.html Show response
support-digital.norton.com/system/templates/chat/nll/custom/layouts/common-layout/21.0.0/ Frame 1E71 2 KB
1 KB 346ms
345ms XHR
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/layouts/common-layout/21.0.0/layout.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

314b30d1c560018c036674ed197d2813e555344b9a770e0c95078c96753ba234

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:36 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 6367a49b-7e5f-4b99-a595-95f3323bbbd8
etag: "d653d500850fc0380c3ce11c92f438c3"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-5f1ee988175cfc8a0eb01bab
content-type: text/html
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4RvHnFvHcF1ng=
content-length: 661

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 21ms
19ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=4&c=21&i=8drwuj&p=aemprod&s=15714&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8RdodHRwczovL3d3dy5rbm90Y2gtY2RuLmNvbS9rdGFnL2xhdGVzdAwA0C5taW4uanM_YWNjb3XOAPAtPTY4YzdkNDZkLTRmNTMtNDk2Zi05OWJhLWVjMTdhYjJjMWY2YyIsInR5cGUiOiJzY3JpcHQiLCJzdGFy0QDANjk4Nzg2NzIwNjcwvwBFZCI6MRQAoDg5NSwic291cmM8ADFtdXSyAKJPYnNlcnZlckNMSAChdHVzIjoibG9hZOcAQGFzb27mANRdLCJkYXRhUGF0dGVyEgCzbGlzdCI6W10sImlqAL8xOTE3NDM0NDF9LBgBBfEBYW5hbHl0aWNzLnRpa3RvaxoB8AJpMThuL3BpeGVsL2V2ZW50cxcB_xNzZGtpZD1DNEpTQVJKUjJRM09HMEpBRVRGMCZsaWI9dHRxCwESLzU5CwEAFzcLAc9pbnNlcnRCZWZvcmUFATGfNjY0ODIyNTMzBQF4DxACAggFAQ8QAkMDCwEvNDQLAQexdHIuc25hcGNoYXQLAvBMY20vaT9waWQ9MDhiZWY0OWItNGI2Zi00NzRlLTk1OGItNWEwYmU3YTAyMjdlJnVfc2NzaWQ9NjMwNzQ5MjQtYTZlMy00MmM3LTgwYzAtYWRlNWU2NTNkN2M2Ji0AEGwtAPYUNTdhZmM0NS1kMTc3LTQwZTEtYWZmOC1jNGViZTY1NmY5YTdbAlNpZnJhbRkCCmYDLzg5WwIBFzlbAvgISFRNTElGUkFNRV9TRVRBVFRSSUJVVEVmAm9hbGxvd2VuAyGvOTc5MzAwMjI2MF4BBwCGBHZnb29nbGUteQMAjAQGDgAmanPsAA9SBAc9NzAxRwM3OTEz7AAPQgJAvzcwMDA4MjAxOTI15AAI8QZiaXRlLmF1c3RyYWxpYXJldml2YWxMAhFtrQUDLgUyeGhyeAEKxQEuOTIrBQEUAAUrBbJYSFJfTUFOQUdFUkEAAiQFD7kBJUA3MDAyuAEvMzjVAN4CigLzHGFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb24NCPYFLzEwNjk5Mjc5NTQvP3JhbmRvbT3ZBts3OTMmY3Y9MTEmZnN0GABBYmc9ZgEA8yEmZ3VpZD1PTiZhc3luYz0xJmd0bT00NWJlM2FwMHY5MTY2NjEwNDEzJmdjZD0xMWwCAPABJnVfdz0xNjAwJnVfaD0xMgkAMXJsPeUH0SUzQSUyRiUyRnVzLm4aCAB1AvIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPYBLWVtYWlsLXNjYW1zJmhuPaUDIGFkjgdAaWNlc0sAwiZmcm09MCZ0aWJhPXsIMSUyMDwAMSUyMD4AAYMA8QkwQW5zd2VycyUyMHRvJTIwWW91ciUyMEalCPABbnRseSUyMEFza2VkJTIwUbcIMGlvbi0A0ihGQVFzKSUyMC0lMjBgACAmYSYBtjE1MTYwMTU5MDcuZgHgJnVhbWI9MCZ1YXc9MCYNCBE9qwfwByUzRGd0YWcuY29uZmlnJnJmbXQ9MyYGAB80WAQRPjgwNFgEANQJBX8DoGFwcGVuZENoaWwlBTJzdGF_Aw-jCCK_NzAwMzg1NzI0NzajCAgPpwL__wMPJgYCHzH_Bk4DrgIvNzfjBwcPrgJDPzgxNVUFAgAYAA9VBf9TBv4GjyUzQnUxJTNEdQY3AFIAQTIlM0SpBn4zQnUzJTNEmwYAJgCvNCUzRG1pc3NpbtsFIA80AwIfMjQDS882OTcyMzI2NDYzOTI0A0KPNDMzMzA2ODWJCAA_ODA5NAMDPzA5JjQDFJ84Nzg0MTI4NjSICP8iDzMDsABSDSNlbk4RAswRKDkyZg0PDgk5zzY5NzQ1OTc4NzgzNSwD__-iD18GAggsAw-SEEAGMwMfNF8GCLJjdC5waW50ZXJlc9US8Rd1c2VyLz90aWQ9MjYxMzE1ODY0MjgxMiZwZD0lN0IlMjJucCUyMs4NoDJlbnNpZ2h0ZW4SAFc3RCZjYtQO9gY5MjYmZGVwPTIlMkNQQUdFX0xPQURoDQ_kEAYfNmUNABc2igcP5BA8zzY5ODkwMjgwMDI0NloEBw8nAf8VEHNNAiBpbWMP_whtL2N0L2xpYi9tYWluLmFhMzQ4ZWUxLsMTEy84NOoSAQgGAg8xA0KfNjczMjYyODU2BRYIN2J1eUMR9hAvcmVkaXJlY3Rvci9zZW8_Y2FsbGJhY2s9Y2FydEZulBAnNjioFQ-8FAc-Njg3_wIfM_4WTp85MjQwNTE5NjNrEAigd2F2ZS5vdXRictEBAJkV8gJtdFdhdmVzQnVuZGxlci9oYQgA9hMwMDFmOTYxYmQ5YjA1MWEyODE4YjQwNTgzNTNmZGE5MmJmBgQPCgEHEDdMCAxgCA8KAVB_ODc2MDIxN5MLCQYFEwuqFvAWai9jb2xsZWN0P3Y9MSZfdj1qMTAxJmE9MTMyMjk5ODk4OCZ0PT4UADsUfyZfcz0xJmSiEzr_BXVsPWVuLXVzJmRlPVVURi04JmR0kBNVwXNkPTI0LWJpdCZzcogUEXiEFCd2cA0A8AJqZT0wJl91PWFEREFBRUlKQQEA8QdDQU1JfiZqaWQ9MTMwNDQ4NjMwMSZnEACwOTM3MzQ4MTI0JmMfAJgyNzY3NTIyNDbtEwCrBjBVQS08APYFOTMwLTEmX2dpZD00OTk5MjU3OTUrAEAxJl9ylwEgc2xVFfAEZGlkPWROakl4TlQmej0xNjM1NwQAFjWcAg-iBgUuNDWjAwAUAAUHFA-iBj6fOTk4NzEwMzg2ogYID5UC__-d33BsdWdpbnMvdWEvZWMVCBQvOTB5Aw0PHx88nzk1Mjg1NTUxOHcDIQ_iACIPVA8BCVsED_cIQgToAB859wgIBoUdMXBhbqQdEWT5GYIvYXBpL3YyLxYAEV8ZIQZDBYFzZW5kQmVhY90cDPshTDEwNjhKBQIUAAVKBa9TRU5EQkVBQ09O1xwBW2Jsb2NrkB5hIldoaXRl7yEPCSIJCicAARQivzcwMDEwMjc5MjIxDyEdBAQBABYiD_0AVQ_UHSXPNjk2NjQyNTU4ODc58AwHBu8BD_siAwDcGiJpY9wL701UVmtNbVZpTUdKaE1RzQMULTg56A0AOh0H6A0P6wJCnzg4Mjg4MDU0OOkKCADcAA_3HQEG3gmAdD1kYyZhaXBOCEhyPTMm7gkNjwgPuggHAeMID_MIBw_ICAgFQgkQSUEJEkFCCcZ6PTExNTQ5ODY5OTaGAg_GCAM9MTA3TQUCFAAFfAMPxgg_nzIzNTAxOTc1OHgCBw98Af9qAAAS8QYvaS9hZHNjdD9iY2k9MyZlY2k9MiY9H_IZX2lkPTg1OTc0YjIxLTQ0MWYtNDM1YS04MzY4LTc1ODNjMDY1ZjYyYi4AUHM9JTVCAwAkMjLwDAAkEiAyQ0QSQDdEJTUDABAmeRIhZ3LdJ9A9YWR2ZXJ0aXNlciZwbAAwVHdpwScwJnBfkhIAEgBAMCZwbAgA8B05MjRjYjAxZS0yYmFlLTQ1ZGYtOGE1Ny1lNmQwYmZkMDRlNWMmdHdfZG9jdREpX19ocmVmCCE5MnR3X2olEF-vAiB1c_kg8gF3X29yZGVyX3F1YW50aXR5FABwc2FsZV9hbTMpABEAIHhuwABgbzVmdW0m6yNSPWphdmEDDxMmQCIQPTkqJjI5wAMyaW1nyyMKDCQ-NzQyPAcvOTBABU5_NTg5MDgyMlMUCQc8BgLEAQAhIg9ZAgv_FTI5NTM1OTE0LWQ2ZTktNDQ0Yy04OWYyLWY3ZjA0ZWI0MWNkMVkC_xBfbnV6aXBZAi8NPic4MTA5PyAP2Bk8jzExMzQxNjEyNycID1IC_64PqwQBCFICD-sJQhQ3WQIP6wkID1kCIA8EB_-PD1kCTo85MzE0MzM2NCsuCj8uY2_zBv-ZDW4aD_MGSJ83MDA2ODMxMjloEAoPjQsPDzQJ_3sP4gZgB0gCDxMjCDZzcC7lBlF5YWhvb44L8BlzcC5wbD9hPTEwMDAwJmQ9VHVlJTJDJTIwMzElMjBPY3QlMjAyMDIzBwBQMSUzQTHyH_8AMDAlMjBHTVQmbj0tMSZiWRpVMS55cNoQLzgmxg06M2VuYyQb8Ax5dj0xLjE1LjEmdGFnbWdyPWd0bSUyQ2Fkb2IWAQXmIA-VDQ4vODLVEgAJPAsP6ghCnzY3NTAxNjUyN8AVCL04MTM2NDg3LmZsc9Aw42FjdGl2aXR5aTtzcmM9KgARO6EO8BdscDtjYXQ9dW5pdmUwO29yZD0xO251bT0yMzA5NTUyMTYyMDU5O4svP2RjPY0vAvMCO3UxMD11bmtub3duO3UxMT2kKVI7dTE0PTwf-AI7dTE2PXVuZGVmaW5lZDt1Mw0AFzkNAAIJMRFmCTEaO_4wkDt1YWE9O3VhYgUAMGZ2bAcAAAUwQDt1YW0MABFwBQAQdgYA73c9MDtlcHZlcj0yO35vHBA7Fz8kAg-NNQYfN3wTAR85bioJEkEDEA9PMCi_Njk5OTA5NDU3MzAuBAgP4ja7ODEwOWQlD7gOOw_TNhEPTwGoHjlFNwtPAQ_LBELQOTc5MzAwMjI2Mn1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:03 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 19ms
18ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=5&c=21&i=8drwuj&p=aemprod&s=9811&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8xJodHRwczovL2Fzc2V0cy5ib3VuY2VleGNoYW5nZS5jb20aALMvc21hcnQtdGFnL_MA905lZC9ydW50aW1lXzhiMzBiNDg5MDIwM2ZkNDE0NGM1NGI5ZmZkNzY1ZjVlLmJyLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXJ0IjoxNjk4Nzg2NzIwODQzLCJlbmQUALAxMTA1LCJzb3VyYzwAMW11dLwAok9ic2VydmVyQ0xIAKF0dXMiOiJsb2Fk8QBAYXNvbvAA1F0sImRhdGFQYXR0ZXISAMFsaXN0IjpbXSwiaWRqAM83NjU3Mjg2MjMyfSwiAQWxdHIuc25hcGNoYXQYAXBjb25maWcvIwH_LDA4YmVmNDliLTRiNmYtNDc0ZS05NThiLTVhMGJlN2EwMjI3ZS5qcz92PTMuNC4xNS0yMzEwMzAyMzI0FQESIDk43gECqwAROCkBRzExMTEVAc9pbnNlcnRCZWZvcmUPATCvNjkzNTA2NjUzNA8BgT85MDEPAQwPJAJCBRUBHzcVAQf2IXd3dy5vanJxLm5ldC9wLz9yZXR1cm49JmNpZD00NDA1JnRwc3luYz1ubyZhdXRoPf4BMmltZ7kBCxADHzb7AQ2gYXBwZW5kQ2hpbPkCP3N0YQkDKM83MDA1MjY3NTYzMDXlAFofOdEBXwfsAB827AAH8QFhbmFseXRpY3MudGlrdG9r-gOwaTE4bi9waXhlbC9wAf8CaWMvaWRlbnRpZnlfNzIwNTnsBBQ_OTcy9wAAFzjXAw_cATnPNjk5NjI0NzcyNzc58ABiPzEwNrgDAQjwAA-4A0ID9wA_ODY49wAHDNwFFnCZA4FzZW5kQmVhY0kHG3OwBk4xMTM0xAEAFAAFsAbyA1NFTkRCRUFDT05fTUFOQUdFUugDAqcDYGFsbG93ZboDL3JlswYbnzgyMDYxOTg5MY8ECLNjdC5waW50ZXJlc7QGZnQuaHRtbN4AU2lmcmFtMwYJegQ_MTA3lQMAGDOuAQ-eAjuvNzcxMjI5MTE4M6cBBw_QACofOH4CAAnQAA9-AkIF1wAPUQUID3wJIvAYY2pzX21pbl9lNTYwMjViZjc4OGUwMTU5OTU0NWE2OGMzYzY5OTIxeAgG7wEPeQkGAmUJG2V5CSc0Mo0EDx8BQo85MjEyOTM0N_YBCQDACaEuY2RuYmFza2V0WwcG0gAyeGhyUAMKvgIvMTXuAQAAFAAFmAM_WEhSkQM8jzYzMzY4Mjk3kQMID8sAuCBwYSAMD5YBHQ_yBgAYNWUCD5YBP485Mjk2Mjg4MvUGCA_LALhPdmlldywDHw-WAV6fOTc1OTc4Nzk3FgUID8sAuA_hBSL_GW1haW4tdjJfYzljMjU4Y2I5YmZkNzUwODk1ODc3MmEzN2ExMjgzNDddDxY_MTEwrQgAGDl_Aw_TBzufNjcxOTg1NTM25gEIDxsBdh41yAkJGwEP_wZCBSIBD4MMCQ-aESFgb25zaXRlPwLwATU2MzFiZjkwNzAxNjU5MDBjCc9hODlmOTY0YWU1NzA_AhgeOVQHNzI0OSMIDz8COb83MDAyMDc0ODk2NYYQCA8_AiIPHQFDDkUFCh0BD0ECQAckAQ9jAz1QaW5ib3hAAhA03RP_DDQ2ZTU2NThkMDY3ZDM4MDczMWFjYjI1ZWRkOUACGR0wZAMZMpQJD0ACPI84NDcyMTg3MPsHCA9AAiIPHAFCDz8CAAkcAQ8_AkMDIwEvMTF1DQcPIwEOAjQW8QAvbG9jYWxfc3RvcmFnZV9YDmExNy5taW5zDkcjMjAw7RQPeA4HLjI1igUBFAAFugvyCEhUTUxJRlJBTUVfU0VUQVRUUklCVVRFBwwPVw8rvzcwMDAwNTQxMzQ0ChYIsDY4NGRkMzExLmFrABJPLmlvL5EMDh8yTw8AARQABdcAD_sKPp83MTM2ODE3MDRdBggPywC4D6sTAmNhcGkvdjKtEzZhY3SoAQ_YEQsuMjiIGAEUAAWvAQ_YEUUgNzQJES8yMLYEKgOTA8FqcXVlcnktMy41LjGKAw-FGRI_MTI1_QAALzkz6QdEgDY5Nzg0MjI3chgPhgQvD_MAJg7uEhky8wAPgAVABvoAHzduBAgPgAVwPzMwN_0BRA9xBRMPAwFdHjapCAoDAQ8NAkAHCgEPQRIIsXRyLm91dGJyYWluixj3LGNhY2hlZENsaWNrSWQ_bWFya2V0ZXJJZD0wMDFmOTYxYmQ5YjA1MWEyODE4YjQwNTgzNTNmZGE5MmJmCwUPjx0GLjcylwgvMzQKBEiPNDM1MDg2NDYQAwgPAwFeDg0FCgMBDw0CQDQ2OTcKAQ8PFwjxBmJpdGUuYXVzdHJhbGlhcmV2aXZhbBcCEW2uGANuHw8jFQQuMzVbHAEUAAXjBg-SCDwArgx_MzAwMjQyOIsZCA_VAMIPYBomHzSzEQABFAAFpQEPiAhFAmAaPzkxOI4ECA-sASsQNNghC3MYARQABdwAD4ECRS8zMy8PCA_VAMKxYXBwLmxlYWRzcnghBPEfdmlzaXRvci5waHA_YWNjdFRhZz1jc2l5cms0MjUwMiZ0ej0tNjAmcmVmPSZ1PSUk0SUzQSUyRiUyRnVzLm5aJABKAPIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPIALWVtYWlsLXNjYW1zJnQ9liQxJTIwFwAxJTIwGQABXgDxCTBBbnN3ZXJzJTIwdG8lMjBZb3VyJTIwRsAk8AFudGx5JTIwQXNrZWQlMjBR0iQwaW9uLQDSKEZBUXMpJTIwLSUyMGAA8QQmbGM9bnVsbCZhbm9uPTAmdmluEAAG9gYPFwUELjQ5JRUBFAAPlgJF8AA2OTg1MTExMzgwMzJ9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:03 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 23ms
22ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=6&c=21&i=8drwuj&p=aemprod&s=13449&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiOGRyd3VqIiwicGFja2V0Ijo0LCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8DhodHRwczovL2FwcC5sZWFkc3J4LmNvbS92aXNpdG9yLnBocD9hY2N0VGFnPWNzaXlyazQyNTAyJnR6PS02MCZyZWY9JnU9aEYA0SUzQSUyRiUyRnVzLm57AABKAPIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPIALWVtYWlsLXNjYW1zJnQ9twAxJTIwFwAxJTIwGQABXgDxCTBBbnN3ZXJzJTIwdG8lMjBZb3VyJTIwRuEA8AFudGx5JTIwQXNrZWQlMjBR8wAwaW9uLQDSKEZBUXMpJTIwLSUyMGAA8QQmbGM9bnVsbCZhbm9uPTAmdmluEADwFSIsInR5cGUiOiJ4aHIiLCJzdGFydCI6MTY5ODc4NjcyMTQ5NGwBHWQUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQAwdHVz6QFhbGxvd2VkkAFAYXNvbo8B1F0sImRhdGFQYXR0ZXISALNsaXN0IjpbXSwiaWYAvzUxMTEzODAzMn0swQEdJmpz0gBic2NyaXB0lAAJ1QBPMDY2MdUAADU1LCLVAMJpbnNlcnRCZWZvcmVCAALWAD9sb2HTACGvOTI1NTczMDQ1N9MARi83MNMADDFtdXQHA69PYnNlcnZlckNM2QA4LzY22QAH8ABldmVudC5oYXZhc2VkZ2UnA3EvdHJhY2stGgDzPD9lbWV0YT1leUp3SWpvaWFIUjBjSE02THk5MWN5NXViM0owYjI0dVkyOXRMMkpzYjJjdlpXMWxjbWRwYm1jdGRHaHlaV0YwY3k5dSwA_wZ0WlcxaGFXd3RjMk5oYlhNaUxDSnZcAA3wEUlpd2lZVzhpT2x0ZExDSndZWEp0Y3lJNmUzMHNJbkJ5QAAAJADy_zNhVzVtSWpwbVlXeHpaU3dpYkdOcmFXUWlPaUprWW1abVpUUmtPUzA0Tm1FNUxUSTRaRFF0TkdNM01DMWpZemRsWWpjeU5tRXhNek5mTVRZNU9EYzROamN5TUNJc0luTnZkWEpqWlNJNklraGhkbUZ6UldSblpTNUZkbVZ1ZEZSaFp5SXNJbUowSWpveE5qazROemcyTnpJd09EWTBMQ0ppZWlJNkxUWXdMQ0p3YkdjaU9sc2lRMmh5YjIxbElGQkVSaUJRYkhWbmFXNGlMQ0pEYUhKdmJXVWdVRVJHSUZacFpYZGxjaUlzSWs1aGRHbDJaU0JEYkdsbGJuUWlYU3dpY0d4MElqb2lWMmx1TXpJaUxDSmpheUk2ZEhKMVpTd2lkSElpT21aaGJITmxMQ0pvSWpveE1qQXdMQ0ozSWpveE4MAPEralpDSTZNalI5JnRya0d1aWQ9MGQyNGQzNjItOTEzMy00Y2YwLThlN2UtYmU4NzYyZjA1MTBhJmV2dC0A8BE1Y2YyN2JhNS05ZWE4LTQwMTQtOTllYS1lYzc3NWQyYToAECZsBBAtbgZAdWN0X2cEgj1taXNzaW5nGgCKb3JkZXJfaWQWAIpzdWJ0b3RhbBYApmNvdW50cnk9VVNgBDJpbWdCAwpdBD04NjWKAwFxBAVdBAyKAxJBRwACYgRAZXJyb4oFL3JlNgUZvzcwMDEzOTg1ODIxigMI9wBzdXBwb3J0LWRpZ2l0YWy4BvAcL3N5c3RlbS9PZmZlcnMuZWdhaW4_Y29tbWFuZD1HZXRSdWxlc0pTJmVnbyIAf3BhZ2V1cmwKBzkHWgBfdGl0bGUZB1UFeAABlAaWY2hlY2tzdW095wEPRwYHLjkzHAc_OTI4RwZHrzgwMjc3MjkzMTRuBQcP5AH_Px02zgMK5AEMzgMPWAcyBeoBD84DKv8MY2IvYWRtaW4vanMvYWxsb3dfY29icm93c2UuKQkTPjkzMv4ALzMw4gJHnzk5Mzg3NDMwNfgAbQ_2AQAJ-AAP9gFCBP4ALzYw4AMp8QB0ZW1wbGF0ZXMvY2hhdC_MBRAtCwAP9QEpLzQ59QFHnzg0NTQ2NzUyM9cEKg_3AC8P9AEAGDXsAg_0AUIF_QAfOPQBKUBjYi9j8AFgZWNrU2VzpA_CLmh0bWw_d3NuYW1lqAc5Oi8vrA4G4wZTaWZyYW3oDAnNCD0yMTIBBAIUAAXNCPgISFRNTElGUkFNRV9TRVRBVFRSSUJVVEXTCAF7BA8LDiKfOTQwNzQxNjg1GgIqBQcFwGdldENCSG9zdE5hbQMFFnADAQ_mBwZMMTkyOQQFRzIxMjQPAw8YAkKvNzgxNTE3NTA0MxgClTc0NTMVAaBhcHBlbmRDaGlsMQ8yc3Rh3woPQQ8lDwkCNQ8mA0QNCQoaMg4BDyMCQgUeAw8tBwjRaWRzLmNkbndpZGdldHsPQGM_Y29IE6BJRD0mZGV2aWNlCgDhaXY9JnY9JkdDSDE9JlMGAPBUR0NTMT0yMTEyMzEwMzYmR0NTMj1aV0ZrWmpJeVlUVXRNRGd6TnkwMFl6STBMVGcyWm1ZdE4yVXhNemRtWXpKbVl6VTNMbXh2WTJGcyZwZT1mYWxzZSZ3c2lkPTIwMDQmdmFyegDwFnZhckRhdGE9dW5kZWZpbmVkJmxvZz0lN0IlMjJjb25maWclMjIQEwESAEJnbUVOEADZdHJ1ZSUyQyUyMnBpeBUAIjdEGABiYXBpa2V5LgDAJTIyMiU1RUhJeWtEEgABOQAzY2pz0hQAEwAA0RNgMjEuNS45DgABIQBAd3NpZA0AIDNBsgACVgAAwgIRSUQAATEA8ABCTHZYYlBWVGFIRzc5RVcuAAE7AFl0aW1pbrsAEnOZBaNTdG9yYWdlTG9hWwASOFgAgElEU3RhZ2VTghMARgAjM0EZALJuZXRDb21wbGV0ZRgAMjIyMTMAYG9ic1JlcecOAhkAODU5NBkAQnZpZXcZADg3NDYZAAC_DQIZADI5MjMZAAN-AGNQcmVmaXJoAAAdAARMAXJtYXRjaGVzNgAEnQEARwICEgAQZtwBAkoAKExTEwAEQABCaW5mbxgAAj0Ag2lzU3Bvb2ZlBAEHQAAiUE0oAAcTAD1ETlQUAAK7AnNUaW1lem9usQADFwFQZXh0ZW4EBwSnAQD6FAKdAAAbAE5ybmFsGgBSYWdlbnRmAAKiAAJhAAISAAFBAATLAFZmaXJzdL8BAYgCBBwAAjUABDUC8AclMjI3NjM4MTIxNTMzMzQ4ODc1MjYyUwABIwIBdhYHLAAGdhVgMzA5ODgwKQAmN0SkBg-jFQM9MjU2uQgCFAAFpAcPoxU-jzc5ODk3OTQ0oxUJD3oE_____2sPAxMPCywOkm5sbC9pbmRleDUNEGXrFTBQb2nEHPAXPTEwMTEmbG9jYWxlPWVuLVVTJnBvc3RDaGF0QXR0cmlidXRlcz0EBhQmVQAAXQzwOj1ubGwmdmVyPXYxMSYmYUlkPUVHOTQwMjA3NTYmc0lkPUM0MzJjZGViNzUtMThiMy00NWRkLWFhMGYtN2U4Y2IwMTY1Y2FjJnUrAP8XNjdlNDJiNzE3LTRmOGItNGZjNS04YTIxLTc3Y2RhZjU2ZDU0YSbrDQnxCiZFR0FJTl9BVl9DSEFUX1NUQVRFX0RBVEEFHLMmcGFyZW50TG9zdKUJcnJlZmVyZXI4DgB8CQ_qHC_zAHVzZUN1c3RvbUJ1dHRvbmkAEnMNCQJBAWFkb2NrZWQMAAb1Bg-cDggeOZkNKDcxfxUMdgsJaRcAyAkPnhwgnzc1NDk3MTU1MJ4cCuNpLmJvdW5jZWV4Y2hhbvUaAhMA8AYvaW5pdDEuanM_d2tsenM9MjUwNSYLAPT____________GPUM0ZXdWZ2lndkFaZ3JnT3dNYkFKWWdRTWhRWnlnUmdEWUJPQURnSFpURHlBbUc4Z0ZrTTJBQzhRb0JhUWdCa3dIY0FwZ0NNY3FZSUlENnFBQ1pRYVBIZzB3QW5RVGhBQWJPR2d3RmVQQUI3NEZmTlRFRXExS3FOZ0NHbXphZ1FCelNYQldhb0FDMkRBQURqZ0FwQURNQUlKQk5BQmlrVkZ3T0FCMENDQXFvQWdKU0NBQXRySENtaUF1c1lKWmxpN09McHpBM21wMndNSFJ5YWtZbk1WMnFKcWNPRWgyV1RpWUFHNm9Zc0NTbVNBQTFxaUNVRUhrQUVLUk5KcitpNkVSZEw0QjlRQ3M0WkhiMGZ2UjhVa3BhUm5aUjFGNUJWZkZwZVdWMVlLMU93MW56YTN0bmQyOXF6UUFZVVdLbFdlem9xM0lBQkZzQ0FKbE1adk5GakpaS0QxdlJDQ0ZTQ1o4THNRaUVHS1FLQWRDRFIta0M2SU1aS2lpR1JLTlFhUGdRand5S1FlSkZ5VFIrcWpaZ3M2TWl1aUJFQ01lb0tFTUJVV3pBWXNOQjRrRkpnQUJQZnlDVkV3Qnc0RlZTdmwyQlU0U1NnU1NDUXorVkFxV3JvQkNxOVdham5PVEpaY3FTZndxRUF5U1E0T0RDU1NhUVN1S3BXelFhOW1MY1RGUFhPVVoyVklTNE4wYnJSOEhoTldCbTFJd1RhUXhTZm1aSVV4clUwR0NtbkFqZU1qVU01Uk5oWk5CLU9GbFRGeU9wYVFTTEtTUXVHQU0xam1DZnFXYjBGRnlDTjNPVHVwdWpPMTF3RkNTTlQya29JR1RtakI1amwyR0NGcHkxZVZLeldrcFBXMk0wTmNiMUJiLVU3eVNEaENXQnlqdytaWVJtaGVPLXhSNERYa0dWNnRqby1yOXFuaVJEVjdNVTczelk5LXpQVjh6VjZTUXdEc1MwdndQTUMtMDNRRGdETkpCSmxjVUNPWHlGeEIySEJCcEJrWDAwRUxJY2NNV2NEVUtrS0NlajFCOG4yUmJERUpUUTlxSUEyaW8zbzBZUUVmZURtTGNPQi1FWENSS0xqTjhuVzBNMG5FVmJrNkhMTWxGanJLUU9MUERBNVhFbWhTM2RRUnhWWXJ0RmgwZ0JIT1RLMGxEa2RQNkJ3NEYzTllMTVdZU1hETkVpM1JBZGMrenNhejJqc1BJN1AzTml3T0VBU01IbkVaWDBITFNFQzh5UVNNR09WcEdRTjg3eWhROFpCY0tJaTJBQUFaRUE3Q3BTdDBOczJab1dzK3NBRzF1Z1hCVVp6c1RESkVHTVEtSUFYVmdhMEJpakhCS3U4UVJNTUZNc1d4d1Zydnc2aXFrQjZ2cWRIZENSLUdHOXF5cTY3TlJXRkxKbHRhdmdGdTYycEpHRUVCRENkTlFOVEZPYVUxR3JxTlJ3TVFNRWtWYkYwMEE3MUZJazZOVE84cnJyVVFaQkg0U1FVaElsUnBzRVdhMnRPemJyS2NOMGMzOERCbnNFVjZrQ1FTUUVEZ0xKaEQ3VWpMQ0hHSFhvMUpBUEhFR3JNaEl3MHhReG1Rc2MybkdNRGRaMWlsUVpIUmljVERNZUJsNktjRkZRRXNWWlZ5YzY4ckYxMWZVUUVOWTFUU1hCQWVZcXUxc2hmRjAzUTlMMGZUOWJ3SmE2OHR3eUkwdDF0ZXZDQ01TbFhLb1J1d2RIYzlvZlRKbG5ZYzJ6V0xkZWtpTXl6SVljMk9xQU50NXltRjJtZ1Nvd2h4bnhtWmthS2Q2cW5ZdlRPQk13WjFBbWZOZ1BlYnJCc2RQTGZXNDVMU1R5emJWQkRIMW5zK3gxb2M5WnR6YUp4a0tjUmxuYko1MUVpMHRjMnRTMEozZlhhKzNaVkwxOUc5TkgxeGlCSmZOOFAzMXMxMmtrZkszS0ltbWp1QUJ1VU00b0Nub0wzbkc2ZGJpWUxnOFhaNHE0S3hBUjUxSThFVnJzZUFMMlZHcGxSdDkzemE3YkQyamo3bFUtZVpwaDE2YTM2LWJFMjlmSS1jVHhXczJRSTFnQWVoLWs1R2puSHRJZ0VpaFpyd3lEM2dmTjBIaDI0K0Q4Ti1jSWY4QUVmSFNNQWhjZ2d3RkRsdHFIY09NRFA3d09DSWctK2lSQUVZQXVGa0VCR0RuQllNTG1vZStyWThGd0syTC1ZaHB3bWlvT3lKUXpCRUROcW9HRVB0Q0tUY2Q2cjFWdndoZWc1dlE2bjZqZlNXWWlJekZoQUpoVnErQlhwR2lHR2dWd294NGlnQktDb0NlSjR6em9UcWxoRndIY01BYUI5TzZkbVQ5a1N6bUFOckFjZWNJeXlGSXFnY2kwZDVxOHpCcklXSzJRMmdyeUtwYk9lazlJS0x3WW54Smk1UjlFUVVBblJHQ25kbnlhT0VxSllSTWN4cVNYOE5KQncrTldybGxlaXBRZUlUQUlhVlNaNDlKVFlOVGp4RVpWU1Nwa0ZUVjE1bFpHeXdqWFlWU0xnZEUrMVQyblJSS0IzYnd0UmJvT0VIaWdWQXZZczVaRGFQZEJSYWdQRWcxNXJ0UkFjcDlxb0N5S1BLNks4MGxkUW5NNUhveEZ4bVRPbWlrUE8tUWFBZDBrdmtmSy1zeWxkWGlJNkljRWpId2dINEJxUFIxU25JdVR6dTVDdy0wdktUTjhqNmZXUmNTNkl4NklJVTUxVGZJaFFRR0ZjUnBTNWtWV1NOWkNPcmp6YXZVUlhZU1EzaHhDeUJrVjFkRjdnWGs0dWZuUEdRZkVwQlpDUUE2VkZWdFlTVEhKYTZJWm84WjZCTFJURk9LMjlFclcwMmVWYUstUVE3eFZva0RBT29DK2FPMldvUFZhUXBxNGl2NW5xQTBSb1RSbWwwQnMrYUlxcFlPazBlMCtXM3BmUXVDcU9UTlZnMUVxTmlxUnRHVk9DSFlDaWxTN0FZSXJrNG11Yk1VZE9tY0M0aXFCZE9NdVdRSzVpMmxSZzhxODh1Wnd0WmlLZ05GNHJ4dHdOWDZoSmdrRjZwRjdxNnYxODlzN08yRlltb3BYRm9KNm1YcEdtQS1yMDM2Z3dpWW5ONVZjNkVXSXE0OXh4YjU1eFBDZnhSSnBpRTI1dXJXRTNpZGFZM0pLM01XZ3A4OFNuRnZlWmN0eUhrZm5lVTBQOG9ObHNRM0JRWEtGVWlzS3NaakRwWUxJV282VkNEaHRzSWZ3TnE5S2J2S2dBSWgwaWtVWUUxeGo5VjNRQUduM1Z1RndLUUZUbnQzZDRiSWdnNzN1dUFIZWpVVVp4cTd1YXBnZndkUmJEMmt5YWVaQVVnWUNqcGNNLWZwVUFnQSIsVicPVxgGPjI3NloZPzk0N0IXRM83MDA0NDY4MjM5MTVQGAcvYXC4Cv____________8bDuwgCrgKDHYVDxEpMPAANzAwNDQ2ODIzOTE3fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 31 Oct 2023 21:12:03 GMT

GET
H3 200 blank Show response
cdn.quantummetric.com/helpers/ Frame B62A 209 B
319 B 19ms
19ms Document
text/html 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/helpers/blank

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4310
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 81eee4e3ae102c02-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 21:12:04 GMT
last-modified: Tue, 31 Oct 2023 20:00:14 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 launch-chat.html Show response
support-digital.norton.com/system/templates/chat/core/common/pages/launch-chat/21.0.0/ Frame 1E71 158 B
588 B 200ms
199ms XHR
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/pages/launch-chat/21.0.0/launch-chat.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

99f75695c2c988d08dee5156241f1068e31d6905c89b5556ab93769f39b1dd96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:24 GMT
server: Server
x-amzn-requestid: e1b97a4f-f7a2-408b-a192-95e8bf5e4b14
etag: "5f646c8652e6aae89d92118e2c76eaf1"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-0bbed76f1afaf77271693866
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: Nr4RxEaHPHcF5aQ=
content-length: 158

GET
H2 200 fragment.html Show response
support-digital.norton.com/system/templates/chat/core/common/fragments/component-container/21.0.0/ Frame 1E71 362 B
793 B 206ms
205ms XHR
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/fragments/component-container/21.0.0/fragment.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

4625474c8f7d0cea451698832acebce373fefcacd340497ac48ff20189aac208

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 740144b4-3f5f-4f3e-9bbb-e50251068d67
etag: "addb7e13fe96f4913520a8f9ead0f919"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-763e333e553bcb3c11a51c57
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: Nr4RzFLvPHcFUTg=
content-length: 362

GET
H2 200 layout.html Show response
support-digital.norton.com/system/templates/chat/core/common/layouts/page-layout/21.0.0/ Frame 1E71 568 B
998 B 231ms
230ms XHR
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/layouts/page-layout/21.0.0/layout.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

f2ef90edfb28a83fdeaba8d622ba26a43a80489387d344574add1bee27ab07d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 68bd34b9-110a-4525-b8e5-4ad33b737545
etag: "cf296310df0d196503d2a6426ffb26ca"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da4-2ecc4e9a2ecd47c2177749f3
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: Nr4RzFR3PHcF6uQ=
content-length: 568

GET
H2 200 launch-chat-button.html Show response
support-digital.norton.com/system/templates/chat/nll/custom/components/launch-chat-button/21.0.0/ Frame 1E71 832 B
1 KB 228ms
227ms XHR
text/html 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/components/launch-chat-button/21.0.0/launch-chat-button.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

a11b7266dbfddbd0ade73ee5b56d90fcaacad3d2258d6fa11da30768ebf59bae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 20 Apr 2023 12:09:14 GMT
server: Server
x-amzn-requestid: 32b0ad87-dbb1-4d99-9c2f-4e1454a2cd45
etag: "7636f457ff98d8386c28e9d8674734ae"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da5-0288c36428b1ae66707d02a8
content-type: text/html
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4R2FCOPHcF3jA=
content-length: 832

GET
H2 200 Icon_Chat_Default.svg
support-digital.norton.com/system/templates/chat/nll/custom/media/21.0.0/ Frame 1E71 4 KB
2 KB 205ms
204ms Image
image/svg+xml 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/media/21.0.0/Icon_Chat_Default.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

cfd3b0bdf3f833762d44bab0f549be28519ff5303dc420c3eae73cca2ee73229

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac&uId=C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:12 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: bcc7eed4-b4b7-4d77-810c-f65480359975
etag: "48d3b96afe0c738a0f80e82d3b438f1e"
x-frame-options: *
x-amzn-trace-id: Root=1-65416da5-7b50ff5a6b8aab7009b19622
content-type: image/svg+xml
cache-control: max-age=7200,private
x-amz-apigw-id: Nr4R4EdyvHcFg_Q=
content-length: 1555

GET
H2 200 source-sans-pro-regular.woff2
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/fonts/source-sans-pro/ Frame 1E71 16 KB
16 KB 222ms
221ms Font
binary/octet-stream 52.13.223.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/fonts/source-sans-pro/source-sans-pro-regular.woff2

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.223.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-223-29.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620
Origin: https://support-digital.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 21:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 5343b04c-9d17-41ef-a2df-d458007f2b8e
x-amz-apigw-id: Nr4R4F2sPHcFtCw=
content-length: 16135
last-modified: Thu, 09 Mar 2023 13:40:15 GMT
server: Server
etag: "fcf76173ecfcd20d04855e3903f31213"
x-amzn-trace-id: Root=1-65416da5-38908b940599959b5c0f2b33
x-frame-options: *
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 108ms
108ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Tue, 31 Oct 2023 21:12:05 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 collect
region1.google-analytics.com/g/ 0
53 B 45ms
44ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2M8MHYEY8X&gtm=45je3ap0v9132306556&_p=1322998988&gcd=11l1l1l1l1&cid=1276752246.1698786720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698786720&sct=1&seg=0&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&en=conversion&_ee=1&ep.u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&ep.u2=blog&ep.u3=norton-email-scams&ep.u4=missing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 21:12:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lifelock.norton.com
URL: https://lifelock.norton.com/

Domain: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 15:54:33	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
support-digital.norton.com/system	1969-12-31 23:59:59	Name: JSESSIONID Value: node067igngyg2wef1hm5t1bdv0bbh6737581.node0
.norton.com/	1970-01-20 15:53:10	Name: AKA_A2 Value: A
.norton.com/	1970-01-21 00:38:42	Name: es Value: 4e56533d317c5054523d6e6f6e657c4643443d4f63742d33312d323032332030323a31313a35397c4c43443d4f63742d33312d323032332030323a31313a3539
.norton.com/	1970-01-21 00:38:42	Name: tp Value: 5452533d646972656374
.norton.com/	1970-01-20 17:19:30	Name: ttControl Value: 5443473d3130
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.norton.com/	1970-01-20 15:53:10	Name: promocode Value: defaultweb
.demdex.net/	1970-01-20 20:12:18	Name: demdex Value: 71969486933090157213878057103923003545
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
.norton.com/	1970-01-20 21:38:42	Name: s_nr Value: 1698786719472-New
.norton.com/	1970-01-20 21:38:42	Name: event69 Value: event69
.norton.com/	1970-01-21 00:38:42	Name: channelStack Value: s_eVar72~norton.com
.norton.com/	1970-01-20 15:53:08	Name: s_tbm Value: true
.norton.com/	1970-01-20 15:53:08	Name: s_gpv Value: norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams
.norton.com/	1970-01-20 15:53:08	Name: s_gpv_custom Value: norton.com%3Ablog%3Aemerging-threats%3Anorton-email-scams
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.symantec.tt.omtrdc.net/	1970-01-20 15:53:08	Name: symantec!mboxSession Value: 1b5a3eaa49704a4f881e37af03bea1ac
.symantec.tt.omtrdc.net/	1970-01-21 01:29:06	Name: symantec!mboxPC Value: 1b5a3eaa49704a4f881e37af03bea1ac.37_0
us.norton.com/	1970-01-20 18:02:42	Name: 53038 Value:
.everesttech.net/	1970-01-21 00:38:42	Name: everest_g_v2 Value: g_surferid~ZUFtnwAAANdPhgN6
.norton.com/	1970-01-21 01:29:06	Name: mbox Value: session#1b5a3eaa49704a4f881e37af03bea1ac#1698788580\|PC#1b5a3eaa49704a4f881e37af03bea1ac.37_0#1762031520
.dpm.demdex.net/	1970-01-20 20:12:18	Name: dpm Value: 71969486933090157213878057103923003545
.norton.com/	1970-01-21 01:29:06	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 179643557%7CMCIDTS%7C19662%7CMCMID%7C71820229737489884403862603042463894568%7CMCAAMLH-1699391519%7C6%7CMCAAMB-1699391519%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1698793919s%7CNONE%7CMCSYNCSOP%7C411-19669%7CvVersion%7C5.5.0
.norton.com/	1970-01-20 18:04:30	Name: _cq_duid Value: 1.1698786719.C12diflIBVgySSnm
.norton.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1698786719.5b35n8xmlVOSpsWj
.norton.com/	1970-01-21 01:29:06	Name: uuid Value: 95f28aea-8e87-498c-9701-ce871888cb41
.norton.com/	1970-01-20 18:02:42	Name: _fbp Value: fb.1.1698786720195.2056847088
bite.australiarevival.com/	1970-01-20 23:56:57	Name: cg_uuid Value: 1bc0b7186827f3c5458a04fc3dc336b0
.norton.com/	1970-01-20 18:02:42	Name: _gcl_au Value: 1.1.1516015907.1698786720
.bing.com/	1970-01-21 01:14:42	Name: MUID Value: 24A54FFE5E2F6F3523A35C455F836EE5
.doubleclick.net/	1970-01-21 01:14:42	Name: IDE Value: AHWqTUkw97fCGiR6IkdM_QEV8-OklRNZKY1flRyvoVmP1b7cAVdo7MO24A4AaNdM
.norton.com/	1970-01-21 00:38:42	Name: SYMANTEC_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1
.norton.com/	1970-01-20 16:03:11	Name: RT Value: "z=1&dm=norton.com&si=8b8849f0-9cf5-4457-8b8b-ac314e90a09f&ss=loetr1cm&sl=1&tt=1eh&bcn=%2F%2F684dd311.akstat.io%2F&ld=1ek"
.norton.com/	1970-01-20 15:54:33	Name: _uetsid Value: 21b57250783211eeb8d95b8b91ce7725
.norton.com/	1970-01-21 01:14:42	Name: _uetvid Value: 21b5b870783211ee969963d88e1752df
.norton.com/	1969-12-31 23:59:59	Name: IR_gbd Value: norton.com
.norton.com/	1969-12-31 23:59:59	Name: IR_4405 Value: 1698786720724%7C0%7C1698786720724%7C%7C
us.norton.com/	1970-01-21 00:38:42	Name: __pdst Value: 54fbfc69ed6c4ab4b5803c68ef38e7be
.norton.com/	1970-01-20 18:02:42	Name: _rdt_uuid Value: 1698786720747.6ab2c2e4-19d3-4917-bf7b-acbe0d57b255
.simpli.fi/	1970-01-21 00:40:09	Name: suid Value: 5672B58F1C74453A80321C2297FACDDF
.ispot.tv/	1970-01-21 01:29:06	Name: pt Value: v2:475d4b30c3a91ba17b6d187164d372e9d600e3b2b7ae0116c4551498ead23108\|3e494ae32837bd301bb6864c0ccc267d7df92b38687193da7881f375af596cb0
.norton.com/	1970-01-21 01:29:06	Name: _ga_2M8MHYEY8X Value: GS1.1.1698786720.1.0.1698786720.0.0.0
.pinterest.com/	1970-01-21 00:38:42	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 00:38:42	Name: _pinterest_ct_ua Value: "TWc9PSZrSG40NnZuem1MdXRNdGZsc2d2SkRpVE5ZTTZxK3BMMkg2VFl1M1Blb0xBOS9Jb0EwOTNtN05ycjVERjF1U2dvcUxLS0t0OElYNU40amlkQjR1TElxUW9XeUpvZ0tSbkhCMkpndVJ6eFFBcz0mV3E0cndTTjFaK1ZGa040TFBtUUg5bnhOU1RVPQ=="
.tiktok.com/	1970-01-21 01:14:42	Name: _ttp Value: 2XXsNgcvRctodr0LyQLuERT4xnP
norton.ow5a.net/	1970-01-20 16:03:11	Name: AWSALBCORS Value: FQIl9A1ZrZUFd1pCp1ilehg1fCVXze1bUBJTTCw0vwd+IwEU7eq/3XpYmzwg11AkwyylTsmW6UsRT3PpNiCoE1SZjMyFeRm6NnJ90iPuLu1CzZENVVBsK+hRd2p9
.ow5a.net/	1970-01-21 01:29:06	Name: brwsr Value: 0f15aa0a-7832-11ee-b2a8-5f7e3a3418a0
.ow5a.net/	1970-01-20 15:54:33	Name: irtps Value: 1
.norton.com/	1970-01-21 01:22:53	Name: _scid Value: 2ab75107-feaa-47f8-8608-1d06f9f0a712
.norton.com/	1970-01-21 01:22:53	Name: _scid_r Value: 2ab75107-feaa-47f8-8608-1d06f9f0a712
us.norton.com/	1970-01-21 01:29:06	Name: __helocckid Value: dbffe4d9-86a9-28d4-4c70-cc7eb726a133_1698786720
.norton.com/	1970-01-21 01:29:06	Name: IR_PI Value: 0f15aa0a-7832-11ee-b2a8-5f7e3a3418a0%7C1698873120724
us.norton.com/	1970-01-21 00:38:42	Name: kn_cs_visitor_id Value: 59f3f3d0-be7a-4aac-a6d8-ba7e7f849572
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_1510B58F6E1F8722AF18E700A9034C33_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0
buy.norton.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7599CB1C09D116328ADCE3E5D6BE62F1
.buy.norton.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: 4d4RInZmZCqmnwROjOuoFjwJK69iHBqvmHi98edrTqA_
buy.norton.com/	1969-12-31 23:59:59	Name: ESID Value: 02c2c74f54-6981-428yQnAgr8Jkgx18IHDE9dCDZV19eJ1jC02c_8RYlAxofVuw9oVk92OORDTli5H-3sKBc
.norton.com/	1970-01-21 01:29:06	Name: _ga Value: GA1.2.1276752246.1698786720
.norton.com/	1970-01-20 15:54:33	Name: _gid Value: GA1.2.499925795.1698786721
.norton.com/	1970-01-20 15:53:06	Name: _gat Value: 1
.twitter.com/	1970-01-21 01:29:06	Name: personalization_id Value: "v1_VHxJYs1Sy3gpLqVZYvrD4g=="
.t.co/	1970-01-21 01:29:06	Name: muc_ads Value: 97546307-5659-46d1-bfca-a5e68adf0cf5
.yahoo.com/	1970-01-21 00:39:04	Name: A3 Value: d=AQABBKFtQWUCENKTDyEa4u5nuygGNhs6kAEFEgEBAQG_QmVLZeAYyiMA_eMAAA&S=AQAAAoH7kuTpga_KOmzs1g_eRwU
.norton.com/	1970-01-21 01:14:42	Name: _tt_enable_cookie Value: 1
.norton.com/	1970-01-21 01:14:42	Name: _ttp Value: lH1eFBNDVCTpCA4q3cLDVg8nBjE
.us.norton.com/	1970-01-21 00:38:42	Name: _pin_unauth Value: dWlkPVptSXpaVEpsWlRRdFlUSmlOQzAwTmpVd0xUZzFNVEl0WVRWalkyTmtZalkyTldJMA
.ojrq.net/	1970-01-21 01:29:06	Name: brwsr Value: 221a22ff-7832-11ee-b00a-9f77ee84bec5
us.norton.com/	1970-01-21 00:38:42	Name: EG-U-ID Value: C67e42b717-4f8b-4fc5-8a21-77cdaf56d54a
us.norton.com/	1969-12-31 23:59:59	Name: EG-S-ID Value: C432cdeb75-18b3-45dd-aa0f-7e8cb0165cac
.linkedin.com/	1970-01-20 18:02:42	Name: li_sugr Value: 942981ae-8739-4907-a3e8-c40091cfb69d
.linkedin.com/	1970-01-21 00:38:42	Name: bcookie Value: "v=2&29f3dd4a-7068-4848-8707-c8b234ae94bf"
.linkedin.com/	1970-01-20 15:54:33	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2621:u=1:x=1:i=1698786721:t=1698873121:v=2:sig=AQHGXwHnwXesquHv9Ew-FJddGVpXEWTT"
.trkn.us/	1970-01-21 00:38:42	Name: barometric[cuid] Value: cuid_0805a502-af65-4707-bf42-16f7d7af68ba
us.norton.com/	1970-01-20 15:53:07	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1698786721342%7D
.linkedin.com/	1970-01-20 16:36:18	Name: UserMatchHistory Value: AQLGrKWp-vdJQQAAAYuHlD31tR2zd3jweR6HwFSAxzVXFWeXnh1qbazy21P_7Bnru3XBmwN--O6j0Q
.linkedin.com/	1970-01-20 16:36:18	Name: AnalyticsSyncHistory Value: AQK3A7E9E7x6BwAAAYuHlD31ZVjWO8i9m1rGxaYHzvM_t9h5xyLYfeHLm4_WbpD3zeYvkZBKdL-YmzKMj3xvmg
.www.linkedin.com/	1970-01-21 00:38:42	Name: bscookie Value: "v=1&2023103121120195c79762-b22f-4c3c-848b-c73b7d84c67dAQF-0EcTMRPJ5KFyiJaO7WtfciTfsGra"
.linkedin.com/	1970-01-20 20:12:18	Name: li_gc Value: MTswOzE2OTg3ODY3MjE7MjswMjFlDVEX/jGDImOPWtYFOrHWqk2h9PqfpZ18pL0OwDqffg==
gwmtracking.com/	1970-01-21 01:29:06	Name: kwsu Value: 65416da19b88043251db2a25
.leadsrx.com/	1970-01-21 00:38:42	Name: _lab Value: 1125900640727112
.leadsrx.com/	1970-01-21 00:38:42	Name: _lab_lastTouch Value: direct
.norton.com/	1970-01-21 00:38:42	Name: _lab Value: 1125900640727112
support-digital.norton.com/	1970-01-20 16:03:11	Name: AWSALBTG Value: a8HU7G4iaFoGgMSHTxDV81KufZEwtxlzsOsCwdoQYslImRpC+4Cf0Y14H0jgQFX1fjcdofAnGrsR2mYh+USg2dzDpAYc4KbgbMLf5oko8voKmPORrfCrJ4bGUxBTc5HOUGmZHa4DWmljBcZz1Iw2M//s43pJqvtzFTevtDioOtsoJehCylI=
support-digital.norton.com/	1970-01-20 16:03:11	Name: AWSALBTGCORS Value: a8HU7G4iaFoGgMSHTxDV81KufZEwtxlzsOsCwdoQYslImRpC+4Cf0Y14H0jgQFX1fjcdofAnGrsR2mYh+USg2dzDpAYc4KbgbMLf5oko8voKmPORrfCrJ4bGUxBTc5HOUGmZHa4DWmljBcZz1Iw2M//s43pJqvtzFTevtDioOtsoJehCylI=
.knotch.it/	1970-01-21 00:38:42	Name: optout Value: 1
.norton.com/	1970-01-20 15:53:08	Name: QuantumMetricSessionID Value: 7403bf13414284016fd863fe6a1fc577
.norton.com/	1970-01-21 00:38:42	Name: QuantumMetricUserID Value: fbb92cb519f66c76d24598cb74ee1094
support-digital.norton.com/	1970-01-20 16:03:11	Name: AWSALB Value: Dsgpqj2ChzvlouZ0KTXbZXL3Ji9YnyRo7T8RsXD05+cpctvyOGQCcJQr7vS+Q6HLAZVJvtwK8D8Ody5F+w+MUk96AHrgXaqthl/WqGUm8HOgXgStrnvV8ochyPgm7xV17mwqOiJVppsH/kDyI/q7ZPwYodWLeecCBWYUbs+HTCFHziEgeoJY+79ar51ggg==
support-digital.norton.com/	1970-01-20 16:03:11	Name: AWSALBCORS Value: Dsgpqj2ChzvlouZ0KTXbZXL3Ji9YnyRo7T8RsXD05+cpctvyOGQCcJQr7vS+Q6HLAZVJvtwK8D8Ody5F+w+MUk96AHrgXaqthl/WqGUm8HOgXgStrnvV8ochyPgm7xV17mwqOiJVppsH/kDyI/q7ZPwYodWLeecCBWYUbs+HTCFHziEgeoJY+79ar51ggg==
.bounceexchange.com/	1970-01-20 15:53:08	Name: bounceClientVisit2004c Value: %7B%22vid%22%3A1698786722880599%2C%22did%22%3A%227638121533348875262%22%7D
.norton.com/	1970-01-20 15:53:08	Name: bounceClientVisit2004v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgK4oB0AdgPYBOCVFZAxlQLZEBGYVA5kQKat+NHgEsKPALQI4NfgEME6AtToNJg+aLCSUTeaxQgANCBowQJkKJQB9HlVsp+KFKIYwAZvLDPTN+wgnFzcPaG9ffgBfIA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://us.norton.com/f87242cc-7968-46b4-9b2b-3dc4a758b12d(Line 1) Message: Error
network	error	URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel?analytics_message=eyJldmVudCI6IlBhZ2V2aWV3IiwibWVzc2FnZV9pZCI6Im1lc3NhZ2VJZC0xNjk4Nzg2NzIxMDY2LTgxNDA4NzgzMjk0MDMtQzRKU0FSSlIyUTNPRzBKQUVURjAiLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6InBpeGVsLmpzIiwidmVyc2lvbiI6IjIuMS4zMyJ9fSwidGltZXN0YW1wIjoiMjAyMy0xMC0zMVQyMToxMjowMS4wNjdaIn0 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: about:blank Message: Access to CSS stylesheet at 'https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css' from origin 'https://us.norton.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd311.akstat.io
8136487.fls.doubleclick.net
a.quora.com
ad.doubleclick.net
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.analytics-egain.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.bounceexchange.com
app.leadsrx.com
aq-swa-api.knotch.it
assets.adobedtm.com
assets.bounceexchange.com
bat.bing.com
bite.australiarevival.com
buy.norton.com
c.go-mpulse.net
cdn.pdst.fm
cdn.quantummetric.com
cm.everesttech.net
configs.knotch.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
data.cdnbasket.net
dpm.demdex.net
e.cdnwidget.com
enable-eg-ot.egainonetag.com
ensighten.norton.com
event.havasedge.com
events.bouncex.net
googleads.g.doubleclick.net
gwmtracking.com
ids.cdnwidget.com
lifelock.norton.com
norton-app.quantummetric.com
norton.ow5a.net
oms.norton.com
page.cdnbasket.net
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.google-analytics.com
rl.quantummetric.com
s.go-mpulse.net
s.pinimg.com
s.yimg.com
sc-static.net
snap.licdn.com
sp.analytics.yahoo.com
spider.australiarevival.com
static.ads-twitter.com
stats.g.doubleclick.net
support-digital.norton.com
symantec.demdex.net
symantec.tt.omtrdc.net
t.co
t.paypal.com
tag.havasedge.com
tag.simpli.fi
tag.wknd.ai
tr.outbrain.com
tr.snapchat.com
trkn.us
tvspix.com
us-central1-adaptive-growth.cloudfunctions.net
us.norton.com
view.cdnbasket.net
wave.outbrain.com
websdk.appsflyer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.knotch-cdn.com
www.linkedin.com
www.nortonlifelock.com
www.ojrq.net
www.paypal.com
www.redditstatic.com
lifelock.norton.com
support-digital.norton.com
104.244.42.195
104.244.42.197
13.107.42.14
13.249.9.8
142.250.186.166
146.75.116.157
151.101.0.84
151.101.1.21
151.101.193.35
151.101.194.132
151.101.65.140
162.159.153.247
18.244.140.93
2.18.97.54
2.19.11.8
2.19.120.33
2001:4860:4802:32::36
2001:4860:4802:36::36
212.82.100.181
216.200.122.11
216.58.206.34
216.58.212.134
23.196.247.136
2600:1901:0:56e0::
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:206f:a800:1:996f:a9c0:93a1
2600:9000:269a:5200:12:1bcc:1d00:93a1
2606:4700:10::6816:34fc
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
2a02:26f0:2c:28c::11a6
2a02:26f0:2c:29d::1015
2a02:26f0:2c:2bc::1015
2a02:26f0:3100:782::11a6
2a02:26f0:3100:787::1e80
2a02:26f0:3100:795::11a6
2a02:26f0:3500:884::1931
2a02:26f0:3500:88f::1015
2a02:26f0:480:15::213:7e63
2a02:26f0:780::210:a441
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::396
3.124.119.57
3.162.38.245
3.248.147.241
34.102.193.48
34.102.206.216
34.111.8.32
34.120.253.250
34.149.44.52
34.249.73.231
34.254.6.250
34.30.96.65
34.66.3.160
34.95.120.72
34.95.127.121
34.98.72.95
35.186.249.72
35.190.43.134
35.204.89.238
35.244.142.80
35.85.73.196
52.10.82.74
52.13.223.29
52.17.159.98
52.200.32.109
52.30.155.104
52.33.252.192
52.45.37.98
54.163.224.65
54.171.111.121
63.140.62.108
64.202.112.31
66.235.152.152
00d296d637c152187f0ca58a302dfd8c85c93fabbf8efd0241f4eb094bbf5301
013bf59b8f0226c32593d1ecdc756b9cda5d1cc729e2d27f640b1731d69d525f
01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53
02172324238a136c074ee440cdcf6ab7a574914ca84bd6c3872496131f6c2cc0
021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0276a3875301a4ffd3c0de90620c0cc01c0e7af8014dcdd3004862138f05fe77
0454717d3e5c1927082971c8568627c39dcc6302da205cb1e7558829f539c105
047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b
0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0f5835f8248e73e4d1e8cff3b30d277517ac78d3181c3624b867e732d7e21bfb
10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c
12d47240f7cbd02b0e6d9cf584d5fad93e4837ae38068ee5766648e8fbe868d7
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
19c15cc50396c826c9b0faa7087e76f783b310a9c77a4e3a52d4d2f4de35b7ab
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172
22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1
23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef
26188be6d542dc6273d9a079d7e12e9d8c1c1eb8e3008b3f9ea8117f18614dfc
26733cd2376f723c6cae20ddf89d1262ed53e5441aeffb9e6782851b30d7733d
26821fcabd9f233365066ecaf07ef42395c30f78a4bdcca9ea952b9898d22cf7
281a56b7545d2f7b1730c9e95d86832077f87db0a9dc181bfbb743803a2d2e3c
29cbaaef845ba215a542fa66bcb378db6e47f9b432de280d0f31050f02e455eb
2c78f8cbd3b5cf256345ddc05026461523459611ccd8e50e567757d645c6c073
314b30d1c560018c036674ed197d2813e555344b9a770e0c95078c96753ba234
33d65952c608940b28ba190eee0de5af24e53d776f0a7c020db74a339cca2000
35841586916c42ab55342f74b9781124f437369bf38be24488ed5aeff7693256
36d3127ae63e30fe49a62b9eb1353c643a9a67f4ca86b06768ad0d3b9ab045f4
36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37ca47de0875287dda60c0a5403605db5ceae15909840aee94bb4641e2233e6f
37d36a2bd7502379676527d1514f1e169528ffc1f04e1b66887ffab34236c735
3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04
3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e
3db55960e8bf49c8012b7f7e17ab9660b284b26d59e01718833568336e837791
3f621ff0ab68e4066ed20d6df4eae57ad20f6c90271a8268dac373e696179f7b
43bca9c25e559aaeee0eac2e305da3b64bf9afe0ff957e55c289f5f33b7a9ab4
43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36
4625474c8f7d0cea451698832acebce373fefcacd340497ac48ff20189aac208
47ab57d11d21e48186e843a451c9bf00461d50800b7afc2b8e32f5e0e3d62d3f
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9
49c3e031c81d8350edfad2541050049a252b9d0171ea2737407950252bf36245
4d35b10d4cb1628be93f5e6ed8b3f3316d960f49e08d731a4c6169affdf96e5b
4d81a2ce193279971bf912257ddeab54de07b42ca4b17be73cd0bca04ee7af41
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5126774b4a2eb1a7dda54f6620b773bdf61af175bab81dc7210cd3ac1611b32f
5296e1972bf6b473bf0f6b806ec251345e39bc0d6211853048fdcb671a9c3e69
52a9c1e985fb4de9c75c6cc17a88f0bbe1d6fd298c3582c2b73890580852ac40
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a91178be19c73d3cd57f522c0c8dc23246780057acf2a768f0fd7b12bf492a
5737ca9a11ba413e912b3db5f0a9f546ad5c9ed423e129e77a1063a00e0c9ac4
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad
5eac2739e5d9493ae5b707318c53fa95656f0fe8bc0a3adec308a1404a62bf47
600afc538fb911c606f046d5ce513b92921c9244ca334532a910ba7de00dd8f8
6382bce54e2b1f583841046c9ab00b9de06412061f1512bc0896288edc4725af
651e2cfed4c79edb94e0d38b81dd5301df0b4180248c1f04045045255b187d7c
66c4aac8d7531a43e502e364d2ff267a560cd3565dc76154fbbe8718f63dee87
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
678af6e2a8e4865d47fd0a9595059fecf15970dc2de67b00c802868671582c0b
67ea25b667e682329257a5d41f9c64373b8715f2d6891fbb846cfbd008da44b7
68f203e55e482507ae7cbb5b047aae6add3797b76f0ab6ffe4a65b6f8deb6875
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6b68303c7f73e7520fb90673f4bc044f094d455203a4fde2a7c665ecd0979343
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e34f0e5c02869c7af0877fc891d549baf7038110147953de90ab21b217e7493
6f18ee6b80b3cf696d7fe22e4f7ef414301f6c3d4396f7c3d13d23eea7166e2b
6fe26570fa6f95a827697ee1d70234115679a607cb6f65a38a8ba0ac784f757f
70242b7559c38404934267e32fa95b7ab11a7f1f8ec793c34b96e84aed7a42b1
7065fd91818e713fc7e0b6ede5b478108d14b23ac56999774018fb8bc22091ee
713768777efe66182455be5e7bed444b80c8a67e9151943bcb800c7d19f6009d
721ce4f2e9528ece743ec5b0e26e32abef4ffbd4fb8f35ef33df50e125754d47
73b85df6290b6add489d085d46527c813406b86d246a352697fdf53f7752be60
740aa6291fd74459f0ad0c2256a71eee68079130896c7b1554ff86501789ed37
76f7f35bce1403244a18856e96a20eb2ecd911b3dcbffe74bced147627933f16
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dc0108355117ef1d4f6b974756d2d9f83e6b16bad59f340525e05fdaca97229
7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166
7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba
83035b8d4a15dab906855580e43e1bee34ee5a7d32a0197c787ab3e0814a00fa
843d4c26ab79b8ea04917549dc85d3126cd2e1c972377182e009b8ebf25a3e07
8454a8ebba1b19a39156e9548761de9d366cd4ee1d1031305d2fe4a6e78474cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86af172e9ce86f4d071b306ef41262ff9dd22e6eb04699107d20f185efbf74e7
8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43
90fffaaefc4b81b319bef8c9a9c5f8c2c56e85a1ab3d82339b2158b69c682ccc
963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7
979d9c53b83a6faef55e6f10516b72b9b191a74fa80b8118d12d689ff7b4f3cf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
99f75695c2c988d08dee5156241f1068e31d6905c89b5556ab93769f39b1dd96
9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f
9b3c31d3c84a5c046be4503abe96bb606bc21dfd10db305ddd88331dbcd96939
9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8
9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a
9de306af9d6e26cefb1a6d367b86302567b4174cc361a3ed0321039d53d14a52
9efdb512753e09f3cd002e176a575c7645ad6ff46abaabc8a84756d5086fb4b0
9f36ed07fb1e93d8a8e2d469fba391464dbe657b060dd9fedc3e84c32b38c277
9f5c781ac43d2475f833b618ae0dfa46d0cf6b75411aa594c6a64e620569c81b
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11b7266dbfddbd0ade73ee5b56d90fcaacad3d2258d6fa11da30768ebf59bae
a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab972f6a39ea0cc174d842ee8e05040126ae6ff7a9cb1ba71832891f65b777c9
abcdba8205ffaf2f171d12f5468464dfc16a51988b01197728ecf8e83caeb7ba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdd84d9b9a87f044a4027c8ac427a1a2a84760cc49753c46da0c85c6a711584
ada825f777baefed28ce1b8618d0d6ac616f02fff5ac3869350022bb738d7b64
ae3fc72ba0700c4ec7a25c06e10fe8a7c015cdac58e5a1765b78a650031f8791
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af53b000162c418bd34308bca5c49bf476341d22385bb138a97571998447ce59
b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402
b1ab7f60896733bcc2a64777ff4f43ffcdc9c12605260980557798b67ba292ee
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b305b33d6add58c9c895b0c20f97d3085b4c11b8d6856d76e762699f29627a6e
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91
b6b060185ee93dfd3c9523749a728aef3e8f9a43429f685b0e25d28d3d6dd4f9
bb6f12c7d2e7c565090a55d90424b281cbf41437a920641dd2d2ffe961215128
bbefe320737fe495cd077de514d582b53864460f0c782ad24d1904d1627fa9c4
bc8f490b0781f5646e96ecd80e0d5b3a7f93ddefd39ec1af514d0187a3101999
bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c0192be544261e01a5122cd654b834b0572f391d2aa23d8ba897134beef16038
c1a0f115cf3ee9effbcf28741f2c9c5d535644f6f20167067d3e87686ad27d6e
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c7f2acd9ddf3bb4bace35c6683947d8e0383319696adf8fef74ce666341475b7
c81ab91c780c257b541589f6059ed82a861f77363676b31aedf18a7773ce42d9
cb41da0d57027d3c3b757102639c45d2a67ad6aea34a27f3d9d1e6ff051cfafc
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
ce11f5e0a919ef95ada392313d0c4b99c958517cf35db69397054d0e8111abf6
cf14d2c07884176483beb43a76b3f79899619cb087fc8176c3792ca79d47c83d
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfd3b0bdf3f833762d44bab0f549be28519ff5303dc420c3eae73cca2ee73229
d0949842faf7022686cdc10f6b3249267c7efb20c8043f708a11b4b3779f712f
d18d2901d4e5217a5616a320fc71b109cd1d291dd356bb7f97e07b5a39c06ff0
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872
d3f62c0e83358ea15bdac14acdfcd658d3004a155edbb30dd37729732767a536
d692a7ce9da419498da008ee03bfffbf7be905c66b87a8f18bdc2398e57a1497
d6ac85ccebb4f4f5577ee62f197b01c80e01c813454ef5c998df0d4f378a89a1
d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165
dde08c42463f0916837a604177ea70e2c6f7d74f8f7333ac0d47391c07d653dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca
e4f31011d023513685356b3713056205f8d9151209f120ab0734236e716e148c
e5482be7e320309879a70151d1b8f140fbe425123b4578b6c6ebc4114fc333e3
e581dd5a912f0d3c081b82b3a8b25c95c6838077449ad63f43519f3cab54bd16
e5b8530118b2d33fc3583b5d57e2c1d5d96367383e6fe1ca938d708d414dcc80
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e85cfa2b997618fa9592dbd38e35e59b0d80e157ab4f13faa193c86b201d9ae5
ea2566e46783fedce851cc101cd35ba6042d847f61a9ebc49c5afb480aa4f534
ea2ba4e7b076f693cf3f381554004f55c461d32ef4e12cdef7c0b68115900b89
eb33a7c8f4c9da8242d9db3777aa857f3c48632f9d5c6a6f787bd27ecd28f767
ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ee250a51e2e6b62b7d5eabb96a8e285ccbdf4d439a09e827992f56ccfb55a99c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ef90edfb28a83fdeaba8d622ba26a43a80489387d344574add1bee27ab07d6
f3575aa300b6e7d7fe1ca7f50e5c39a44dec7445b5681cdc116a74e91402121c
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81bb666cdf7001d0a30371d83d4533dd593f85ea01bbb959c812c8b6974e6ae
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e
f87faa12661708c790d6dfa38330af63026f082877775e724d3a6068fee65761
fcac8e16b8ebf8cb73c0f1ff1a72b70ee8f750b7bd7d33ce70ad538531b74077
fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52
ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02

us.norton.com Open in urlscan Pro 2a02:26f0:2c:2bc::1015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

264 Requests

95 %HTTPS

36 %IPv6

60 Domains

86 Subdomains

80 IPs

7 Countries

2665 kBTransfer

8865 kBSize

92 Cookies

96 Outgoing links

Page URL History

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.norton.com Open in urlscan Pro
2a02:26f0:2c:2bc::1015 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

95 %
HTTPS

36 %
IPv6

60
Domains

86
Subdomains

80
IPs

7
Countries

2665 kB
Transfer

8865 kB
Size

92
Cookies

264 HTTP transactions
0 data transactions