login.norton.com Open in urlscan Pro
137.117.34.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lifelock.custhelp.com/rd?1=AvMM~wr_Dv8S~xb~Gv8Q~yJAFzgqtJH5qgup0j7~Pv9g&2=6152&6=1&7=806746472
Effective URL:
https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb...
Submission: On October 09 via manual (October 9th 2021, 7:20:54 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 137.117.34.60, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.norton.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 1st 2021. Valid for: a year.

This is the only time login.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	130.35.3.146 130.35.3.146	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 5	40.118.234.43 40.118.234.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	137.117.34.60 137.117.34.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.193.32.242 23.193.32.242	16625 (AKAMAI-AS) (AKAMAI-AS)
11	23.193.32.35 23.193.32.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.200.208.216 18.200.208.216	16509 (AMAZON-02) (AMAZON-02)
1	172.67.20.158 172.67.20.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1	52.17.95.93 52.17.95.93	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
3	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
5	35.222.211.90 35.222.211.90	15169 (GOOGLE) (GOOGLE)
1	40.78.18.193 40.78.18.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
34	14

1 130.35.3.146 (Phoenix, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

lifelock.custhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 40.118.234.43 (San Jose, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

my.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.117.34.60 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.193.32.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-32-242.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.193.32.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-32-35.deploy.static.akamaitechnologies.com

static.nortoncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.208.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.20.158 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.95.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-95-93.eu-west-1.compute.amazonaws.com

symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.222.211.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.211.222.35.bc.googleusercontent.com

norton-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.78.18.193 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

webapps.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	nortoncdn.com static.nortoncdn.com	1 MB
8	norton.com 3 redirects my.norton.com login.norton.com webapps.norton.com oms.norton.com	101 KB
6	quantummetric.com cdn.quantummetric.com norton-app.quantummetric.com	73 KB
4	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	104 KB
3	demdex.net dpm.demdex.net symantec.demdex.net	5 KB
3	adobedtm.com assets.adobedtm.com	35 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	ensighten.com nexus.ensighten.com	22 KB
1	custhelp.com 1 redirects lifelock.custhelp.com	352 B
34	9

	Domain	Requested by
11	static.nortoncdn.com	login.norton.com static.nortoncdn.com my.norton.com
5	norton-app.quantummetric.com	cdn.quantummetric.com
5	my.norton.com	3 redirects login.norton.com my.norton.com
3	nebula-cdn.kampyle.com	assets.adobedtm.com nebula-cdn.kampyle.com
3	assets.adobedtm.com	login.norton.com assets.adobedtm.com
2	dpm.demdex.net	assets.adobedtm.com login.norton.com
1	udc-neb.kampyle.com	cdn.quantummetric.com
1	oms.norton.com	login.norton.com
1	webapps.norton.com	my.norton.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	assets.adobedtm.com
1	nexus.ensighten.com	login.norton.com
1	cdn.quantummetric.com	login.norton.com
1	login.norton.com
1	lifelock.custhelp.com	1 redirects
34	15

This site contains links to these domains. Also see Links.

Domain
sitedirector.norton.com
www.nortonlifelock.com

Subject Issuer	Validity	Valid
login.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-06`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
store.norton.com DigiCert SHA2 Extended Validation Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
my.norton.com DigiCert SHA2 Extended Validation Server CA	`2021-09-02` - `2022-09-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-13`	a year	crt.sh
webapps.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-17` - `2022-03-22`	a year	crt.sh
oms.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-30` - `2022-09-30`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Frame ID: C8B6D8B5A050B549E80FFF6C26464284
Requests: 23 HTTP requests in this frame

Frame: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
Frame ID: 729BB7050175145E01C6CE478CF06AC5
Requests: 5 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 9A1A19D3D789A76C6C244BC4AF4ADB1F
Requests: 1 HTTP requests in this frame

Frame: https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Flogin.norton.com%2Fsso%2Fidp%2FSAML2%3FSAMLRequest%3DnZFfa8IwFMW%252FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%252B%252Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%252Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%252Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%252B5AJ0r3Vax6j4N%252Bb%252FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%252BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%253D%26SigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26Signature%3DD2Wp90T3uGDigv7r%252F1QuZ0e8OJ%252FrzcH3GTCDqMZc%252FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%252BreASD%252FrxzbvDfafSmPQN2hKOnIWILz35%252ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%252BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%252BW%252FS5Bdsag0vaAhq%252BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%252B2LXxYzk7swPXrcX6O93D9R7Hzulaw%253D%253D%26displang%3Ddeu%26displocale%3DDEU&t=1633807250818&v=1633807250856&z=1&S=0&N=0&P=0
Frame ID: 12914A65D1A8630672CD4F992F15C360
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einloggen - Offizielle Website | Bei Norton Account einloggen & Einrichten

Page URL History Show full URLs

https://lifelock.custhelp.com/rd?1=AvMM~wr_Dv8S~xb~Gv8Q~yJAFzgqtJH5qgup0j7~Pv9g&2=6152&6=1&7=806746472 HTTP 302
https://my.norton.com/extspa/lifelock?redirectUrl=%2Falerts%2Finbox HTTP 302
https://my.norton.com/ssoprecursor/home/index/lifelock?ReturnUrl=%2Fextspa%2Flifelock%3FredirectUr... HTTP 302
https://my.norton.com/identity/account/login?returnUrl=%2Fextspa%2Flifelock%3FredirectUrl%3D%252Fa... HTTP 302
https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%... Page URL

Detected technologies

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1631 kB
Transfer

3772 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://sitedirector.norton.com/932743328/?ssdcat=150&product=sso&displang=iso3:deu&displocale=GE&env=prod
Title: Globale Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: Rechtliches

Search URL Search Domain Scan URL

URL: https://sitedirector.norton.com/932743328/?ssdcat=150&product=sso&displang=iso3:deu&displocale=GE&env=prod&origin=sso
Title: Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lifelock.custhelp.com/rd?1=AvMM~wr_Dv8S~xb~Gv8Q~yJAFzgqtJH5qgup0j7~Pv9g&2=6152&6=1&7=806746472 HTTP 302
https://my.norton.com/extspa/lifelock?redirectUrl=%2Falerts%2Finbox HTTP 302
https://my.norton.com/ssoprecursor/home/index/lifelock?ReturnUrl=%2Fextspa%2Flifelock%3FredirectUrl%3D%252Falerts%252Finbox HTTP 302
https://my.norton.com/identity/account/login?returnUrl=%2Fextspa%2Flifelock%3FredirectUrl%3D%252Falerts%252Finbox HTTP 302
https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://cm.everesttech.net/cm/dd?d_uuid=56363568287769748373769923003975154148 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWHrkgAAABhvNgQf

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request

Cookie set SAML2 Show response
login.norton.com/sso/idp/
Redirect Chain

https://lifelock.custhelp.com/rd?1=AvMM~wr_Dv8S~xb~Gv8Q~yJAFzgqtJH5qgup0j7~Pv9g&2=6152&6=1&7=806746472
https://my.norton.com/extspa/lifelock?redirectUrl=%2Falerts%2Finbox
https://my.norton.com/ssoprecursor/home/index/lifelock?ReturnUrl=%2Fextspa%2Flifelock%3FredirectUrl%3D%252Falerts%252Finbox
https://my.norton.com/identity/account/login?returnUrl=%2Fextspa%2Flifelock%3FredirectUrl%3D%252Falerts%252Finbox
https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHx...

152 KB
24 KB

392ms
132ms

Document
text/html

137.117.34.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

137.117.34.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

sso /

Resource Hash

792f4aea1c3d8ad21b4c04c61d599dea2ef0155c1ded1121dc4e16a5a16f1707

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' appleid.cdn-apple.com stage.nortoncdn.com static.nortoncdn.com dpm.demdex.net nebula-cdn.kampyle.com oms.norton.com udc-neb.kampyle.com cm.everesttech.net data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com www.symantec.com cm.everesttech.net udc-neb.kampyle.com oms.norton.com assets.adobedtm.com cdn.quantummetric.com; frame-src * 'unsafe-inline'; worker-src blob:; child-src blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: login.norton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: dtCookie=2$A926CB79BA5270E8C8CFBE83478C0C63|ce0424ba158762c8|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 09 Oct 2021 19:20:49 GMT
Server: sso
Request-Context: appId=cid-v1:6ea52e03-0757-4fc0-b13a-638afc461255
Referrer-Policy: unsafe-url
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' appleid.cdn-apple.com stage.nortoncdn.com static.nortoncdn.com dpm.demdex.net nebula-cdn.kampyle.com oms.norton.com udc-neb.kampyle.com cm.everesttech.net data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com www.symantec.com cm.everesttech.net udc-neb.kampyle.com oms.norton.com assets.adobedtm.com cdn.quantummetric.com; frame-src * 'unsafe-inline'; worker-src blob:; child-src blob:;
P3P: CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-XSS-Protection: 1; mode=block
Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Set-Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=de; Path=/; Secure JSESSIONID=A23C40556619FE1B6AA50D2272862A90.jvmroute8081; Path=/sso; Secure; HttpOnly
Keep-Alive: timeout=60, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

content-type: text/html; charset=utf-8
content-length: 1606
cache-control: private
location: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1
set-cookie: __PostLogoffStateState_4cb3=; expires=Sat, 09-Oct-2021 19:20:50 GMT; path=/; secure __StateState_4cb3=eyJSZXR1cm5VcmwiOiIvZXh0c3BhL2xpZmVsb2NrP3JlZGlyZWN0VXJsPSUyRmFsZXJ0cyUyRmluYm94In0=; path=/; secure
referrer-policy: no-referrer-when-downgrade
content-security-policy: *
x-oneagent-js-injection: true
x-ruxit-js-agent: true
server-timing: dtSInfo;desc="0", dtRpid;desc="-1598702617"
date: Sat, 09 Oct 2021 19:20:49 GMT

GET
H2 200 launch-ec64249dfc51.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/ 105 KB
34 KB 61ms
9ms Script
application/x-javascript 23.193.32.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Requested by: Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.32.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-32-242.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3f59659abf915ef77cf531ca98641bae585de63bfc83639f119b597de46fb013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:12:43 GMT
server: AkamaiNetStorage
etag: "7d1cbc3530e11e27a6715481c517cff4:1602277963.441078"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 34745
expires: Sat, 09 Oct 2021 20:20:50 GMT

GET
H2 200 nsl-web-2021-10-04-18-58-13.css
static.nortoncdn.com/static/sso/2021.3.4/101/css/ 413 KB
53 KB 55ms
6ms Stylesheet
text/css 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/2021.3.4/101/css/nsl-web-2021-10-04-18-58-13.css

Requested by

Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

736d33f30fde46ee92a4b549fd2c29c6b50e11fb3e4ad82c3782da908574e27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 20:35:36 GMT
server: Apache/2.4.6 (CentOS)
etag: "6723e-5cd8cdafe9b97"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 54181

GET
H2 200 sso-default-2021-10-04-18-58-13.js Show response
static.nortoncdn.com/static/sso/2021.3.4/101/js/ 173 KB
55 KB 64ms
15ms Script
application/javascript 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/2021.3.4/101/js/sso-default-2021-10-04-18-58-13.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

ba211d2712b72ae2426659394a0c3ae94097a572048d5a1cd6f8d0b3ddd92e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 20:35:37 GMT
server: Apache/2.4.6 (CentOS)
etag: "2b469-5cd8cdb07ea7f"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 55864

GET
H2 200 clt-cloud-helper-2021-10-04-18-58-13.js Show response
static.nortoncdn.com/static/sso/2021.3.4/101/js/ 7 KB
2 KB 67ms
18ms Script
application/javascript 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/2021.3.4/101/js/clt-cloud-helper-2021-10-04-18-58-13.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

67e85c2e449e8f644bc8a50ff463905e2d6650a2ec3fcd3fc452e59a0cdc2ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 20:35:37 GMT
server: Apache/2.4.6 (CentOS)
etag: "1aa7-5cd8cdb07466d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 2133

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 170ms
36ms XHR
application/json 18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1633807250653

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5cf57b1d41a0b87cd45e056c7a9585c74805144c3afb9a7846e3afbe81b134db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v018-0807da26f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Pz0ueeWnQLE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://login.norton.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 home Show response
my.norton.com/welcome/ Frame 729B 1 KB
1 KB 185ms
184ms Document
text/html 40.118.234.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.118.234.43 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0af58469e8f10b8bb5d5181f9b45bf71050d30273c34bbed9d0d9378bfd08053

Security Headers

Name	Value
Content-Security-Policy	*
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: my.norton.com
:scheme: https
:path: /welcome/home?&displocale=iso3:DEU&displang=iso3:deu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
accept-encoding: gzip, deflate, br
cookie: ASP.NET_SessionId=sojpy5xggd1wjtj4llpybiio; dtCookie=2$A926CB79BA5270E8C8CFBE83478C0C63|ce0424ba158762c8|0; IQBERAWQ=02eec82c2f-6d55-44mHagbYV0wER9-x9N01YWRjAl_9gEAilxp-PRKRpZx7GU2EzR8JKi-DKL1JklfyLY1T8; __PostLogoffStateState_4cb3=; __StateState_4cb3=eyJSZXR1cm5VcmwiOiIvZXh0c3BhL2xpZmVsb2NrP3JlZGlyZWN0VXJsPSUyRmFsZXJ0cyUyRmluYm94In0=; AMCV_67C716D751E567F70A490D4C%40AdobeOrg=870038026%7CMCIDTS%7C18910%7CvVersion%7C5.0.0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU

Response headers

content-type: text/html; charset=utf-8
content-length: 657
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
content-security-policy: *
x-oneagent-js-injection: true
x-ruxit-js-agent: true
server-timing: dtSInfo;desc="1"
date: Sat, 09 Oct 2021 19:20:50 GMT

GET
H2 200 logos-single-norton.png
static.nortoncdn.com/static/sso/longlived/images/ 4 KB
4 KB 7ms
6ms Image
image/png 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.nortoncdn.com/static/sso/longlived/images/logos-single-norton.png

Requested by

Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/sso/2021.3.4/101/css/nsl-web-2021-10-04-18-58-13.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

983fb5998e593ec7a06e7ff204363fee98cabf1fea5940be2fc6f028c4441724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.nortoncdn.com/static/sso/2021.3.4/101/css/nsl-web-2021-10-04-18-58-13.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 22:02:45 GMT
server: Apache/2.4.6 (CentOS)
etag: "10c6-5c19c5aca7c1c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 4294
x-xss-protection: 1; mode=block

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 246 KB
70 KB 47ms
30ms Script
text/javascript 172.67.20.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.20.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0432f5fa82609d651c0d4b26b9bc34477892d5e80c717aef162f11441a3a7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 265
etag: W/"163354147491316330141659561633766406622"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 69b9f7f4ee832b95-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 s_code_norton_min.js Show response
nexus.ensighten.com/symantec/scode/ 70 KB
22 KB 36ms
12ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/symantec/scode/s_code_norton_min.js
Requested by: Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13b43efe4f07b06078be9438cee530c121b91b9b51f2b2f610390489bcc790f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 17:15:40 GMT
server: nginx
etag: W/"614b64bc-116fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300

GET
H2 200 checkbox-on-icon.png
static.nortoncdn.com/static/sso/2021.3.4/101/images/ 574 B
780 B 6ms
6ms Image
image/png 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.nortoncdn.com/static/sso/2021.3.4/101/images/checkbox-on-icon.png

Requested by

Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/sso/2021.3.4/101/css/nsl-web-2021-10-04-18-58-13.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

28e0f0567ced7786931e4e6702f083b645303331c0c75b463ab4d137bbb18658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.nortoncdn.com/static/sso/2021.3.4/101/css/nsl-web-2021-10-04-18-58-13.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 04 Oct 2021 20:35:37 GMT
server: Apache/2.4.6 (CentOS)
etag: "23e-5cd8cdb023968"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 574

GET
H2 200 SourceSansPro-Light.ttf
static.nortoncdn.com/static/sso/longlived/fonts/ 196 KB
197 KB 23ms
6ms Font
application/font-sfnt 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/longlived/fonts/SourceSansPro-Light.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

53336cb2e9ebf6fd7f194a205ed8a2d77a37c110885824a900cfbeb557976bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.norton.com/
Origin: https://login.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Sep 2020 12:48:47 GMT
server: Apache/2.4.6 (CentOS)
etag: "31138-5aeccc18789c0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
content-type: application/font-sfnt
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 201016
x-xss-protection: 1; mode=block

GET
H2 200 SourceSansPro-Regular.woff
static.nortoncdn.com/static/sso/longlived/fonts/ 196 KB
197 KB 35ms
18ms Font
application/font-woff 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/longlived/fonts/SourceSansPro-Regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.norton.com/
Origin: https://login.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 Apr 2020 03:19:16 GMT
server: Apache/2.4.6 (CentOS)
etag: "30f78-5a46569b9f500"
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 200568

GET
H2 200 SourceSansPro-SemiBold.ttf
static.nortoncdn.com/static/sso/longlived/fonts/ 194 KB
195 KB 35ms
18ms Font
application/font-sfnt 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/longlived/fonts/SourceSansPro-SemiBold.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

865b8a71cf5a4e934e691b0fb5db3eaf2566af5a322c305ab5cd3c8ddd5e437f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.norton.com/
Origin: https://login.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 08 Sep 2020 12:48:47 GMT
server: Apache/2.4.6 (CentOS)
etag: "30934-5aeccc1901d01"
access-control-allow-methods: GET,POST
content-type: application/font-sfnt
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:50 GMT
accept-ranges: bytes
content-length: 198964

GET
H2 200 RC401e00db6a444f57826a519b49f0bc6a-source.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/56a0ad0870d1/ 374 B
505 B 6ms
6ms Script
application/x-javascript 23.193.32.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/56a0ad0870d1/RC401e00db6a444f57826a519b49f0bc6a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.32.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-32-242.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a06d02cefed765e895ca606dea3a29a10c300d23175bf56fa22bc9f772553e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:12:44 GMT
server: AkamaiNetStorage
etag: "335277f377b5718fd98a663607f1e3dc:1602277964.104398"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 239
expires: Sat, 09 Oct 2021 20:20:50 GMT

GET
H2 200 RC65220159b9d541bd850968abdaedbd8d-source.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/56a0ad0870d1/ 566 B
619 B 7ms
7ms Script
application/x-javascript 23.193.32.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/56a0ad0870d1/RC65220159b9d541bd850968abdaedbd8d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.32.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-32-242.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3149a7616edfa653efdd9215460db5a32e3d56940c1ac06e89adb94c590b4428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:12:44 GMT
server: AkamaiNetStorage
etag: "335277f377b5718fd98a663607f1e3dc:1602277964.104398"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 353
expires: Sat, 09 Oct 2021 20:20:50 GMT

GET
BLOB 200
OK f144c44e-ae1c-4f6d-8fcc-d63e3a86a885
https://login.norton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://login.norton.com/f144c44e-ae1c-4f6d-8fcc-d63e3a86a885
Requested by: Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd76429b1105fcc5d653f676ccf53376ffbcd7aa2bd548c03c926deeff584183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame 9A1A 7 KB
3 KB 132ms
32ms Document
text/html 52.17.95.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-95-93.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: symantec.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Accept-Encoding: gzip, deflate, br
Cookie: demdex=56363568287769748373769923003975154148
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 9 Oct 2021 19:20:50 GMT
DCS: dcs-prod-irl1-2-v018-0140b2bc2.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 23 Sep 2021 12:09:25 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: /croWQIGRx0=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YWHrkgAAABhvNgQf
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=56363568287769748373769923003975154148
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWHrkgAAABhvNgQf

42 B
943 B

34ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWHrkgAAABhvNgQf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-03a515461.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5rVco5MGSOA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWHrkgAAABhvNgQf
Date: Sat, 09 Oct 2021 19:20:50 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/458056/onsite/ 2 KB
1 KB 33ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fda11f5931c31d575d9358c3042c9f2f54013e95bd2db73f8b6783f2e7d717fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: jBMtMOZm5dHrAD1uZm07Et6pD3hMq8jc
content-encoding: gzip
etag: "12a8529a0cfd5cdeb20908ee9247bfcd"
age: 437823
via: 1.1 varnish
x-cache: HIT
content-length: 664
x-amz-id-2: PliVRj6iUqqRQpHXPMh/FZ4rmIhExSnUM/tM/EfKAwQXiayfLgxK6rpt2QLPgbtU0rzUggc7+Uw=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 04 Oct 2021 17:43:46 GMT
server: AmazonS3
x-timer: S1633807251.879757,VS0,VE0
date: Sat, 09 Oct 2021 19:20:50 GMT
vary: Accept-Encoding
x-amz-request-id: R7CQM074H9G6JWZW
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 18145

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 1291 90 B
895 B 367ms
119ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Flogin.norton.com%2Fsso%2Fidp%2FSAML2%3FSAMLRequest%3DnZFfa8IwFMW%252FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%252B%252Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%252Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%252Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%252B5AJ0r3Vax6j4N%252Bb%252FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%252BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%253D%26SigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26Signature%3DD2Wp90T3uGDigv7r%252F1QuZ0e8OJ%252FrzcH3GTCDqMZc%252FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%252BreASD%252FrxzbvDfafSmPQN2hKOnIWILz35%252ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%252BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%252BW%252FS5Bdsag0vaAhq%252BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%252B2LXxYzk7swPXrcX6O93D9R7Hzulaw%253D%253D%26displang%3Ddeu%26displocale%3DDEU&t=1633807250818&v=1633807250856&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

f274a678eb758c7b9f54bd178f006a15899e3aae1abef4c44d9e00e8943bbf54

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 09 Oct 2021 19:20:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security: max-age=31536000; includeSubDomains;

GET
H2 200 ruxitagentjs_ICA2Vfqru_10225210921130928.js Show response
my.norton.com/ Frame 729B 187 KB
73 KB 179ms
178ms Script
text/javascript 40.118.234.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.norton.com/ruxitagentjs_ICA2Vfqru_10225210921130928.js

Requested by

Host: my.norton.com
URL: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.118.234.43 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

22f07c656500de41c51608e9298a6b609d36c598f9d6feadfa5112d7637b1b69

Security Headers

Name	Value
Content-Security-Policy	*
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: *
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Microsoft-IIS/10.0
date: Sat, 09 Oct 2021 19:20:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
content-length: 74603
expires: Sun, 09 Oct 2022 19:20:50 GMT

GET
H2 200 customtheme.css
static.nortoncdn.com/static/ngpcdn/static/ngp.nsltheme.3.2.68/content/css/ Frame 729B 4 KB
1 KB 6ms
6ms Stylesheet
text/css 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.nsltheme.3.2.68/content/css/customtheme.css
Requested by: Host: my.norton.com
URL: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-32-35.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0d09513e8b44e223d7352330ce43bf31a398a5edfe42d7d2517a593f4f963798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 15:28:07 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5: 73ALPm3d4pEf9Bcx0CTrQw==
etag: "0x8D93A495455D618"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cb78d175-501e-0030-771c-6db3e2000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 956

GET
H2 200 /
webapps.norton.com/ Frame 729B 0
0 759ms
182ms Stylesheet
text/plain 40.78.18.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.norton.com/
Requested by: Host: my.norton.com
URL: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.78.18.193 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 s89802004855588
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
422 B 67ms
18ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s89802004855588?AQB=1&ndh=1&pf=1&t=9%2F9%2F2021%2019%3A20%3A50%206%200&mid=56529387143013840043754433758949193045&aamlh=6&ce=UTF-8&pageName=login%3Age%3Alogin&g=https%3A%2F%2Flogin.norton.com%2Fsso%2Fidp%2FSAML2%3FSAMLRequest%3DnZFfa8IwFMW%252FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%252B%252Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%252Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%252Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%252B5AJ0r3Vax6j4N%252Bb%252FAhoqeGyXnD&server=norton&events=event79%3D4%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=ge&c3=ge&c14=D%3Dv16&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=login&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton&c48=Einloggen%20-%20Offizielle%20Website%20%7C%20Bei%20Norton%20Account%20einloggen%20%26%20Einrichten&v48=D%3Dc49&v49=D%3Dc48&v57=56529387143013840043754433758949193045&c59=login%3Alogin&v59=D%3Dc59&v72=login&c75=D%3Dv57&v96=https%3A%2F%2Flogin.norton.com%2Fsso%2Fidp%2FSAML2&v133=na&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=Dv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%252BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%253D%26SigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26Signature%3DD2Wp90T3uGDigv7r%252F1QuZ0e8OJ%252FrzcH3GTCDqMZc%252FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%252BreASD%252FrxzbvDfafSmPQN2hKOnIWILz35%252ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%252BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%252BW%252FS5Bdsag0vaAhq%252BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%252B2LXxYzk7swPXrcX6O93D9R7Hzulaw%253D%253D%26displang%3Ddeu%26displocale%3DDEU&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:50 GMT
x-content-type-options: nosniff
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 10 Oct 2021 19:20:50 GMT
server: jag
xserver: anedge-b4c7fdd79-5drnt
etag: 3508574354658754560-4619847798535374555
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 08 Oct 2021 19:20:50 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 1291 0
629 B 432ms
236ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Sat, 09 Oct 2021 19:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame 1291 28 B
715 B 119ms
118ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?s=30672b6ee659f4c15cd88febac436a42&H=af95d664162627b6de028e94&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:20:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security: max-age=31536000; includeSubDomains;

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 1291 0
629 B 121ms
120ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Sat, 09 Oct 2021 19:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 1291 0
629 B 119ms
119ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Sat, 09 Oct 2021 19:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngp/static/ngp.main.6.0.407/fonts/SourceSansPro-Regular/ Frame 729B 196 KB
197 KB 8ms
7ms Font
application/font-woff 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/ngp/static/ngp.main.6.0.407/fonts/SourceSansPro-Regular/SourceSansPro-Regular.woff

Requested by

Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.nsltheme.3.2.68/content/css/customtheme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.nortoncdn.com/static/ngpcdn/static/ngp.nsltheme.3.2.68/content/css/customtheme.css
Origin: https://my.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 03:50:55 GMT
server: Apache/2.4.6 (CentOS)
etag: "30f78-5a465daea65c0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:51 GMT
accept-ranges: bytes
content-length: 200568
x-xss-protection: 1; mode=block

GET
H2 200 zxcvbn-2021-10-04-18-58-13.js Show response
static.nortoncdn.com/static/sso/2021.3.4/101/js/ 801 KB
390 KB 6ms
6ms Script
application/javascript 23.193.32.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nortoncdn.com/static/sso/2021.3.4/101/js/zxcvbn-2021-10-04-18-58-13.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.32.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-32-35.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (CentOS) /

Resource Hash

5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 20:35:37 GMT
server: Apache/2.4.6 (CentOS)
etag: "c8271-5cd8cdb08bd71"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
date: Sat, 09 Oct 2021 19:20:51 GMT
accept-ranges: bytes
content-length: 398430

GET
H2 200 generic1633369424210.js Show response
nebula-cdn.kampyle.com/us/wu/458056/onsite/ 788 KB
97 KB 6ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1633369424210.js
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccd79e3f42c79a56a8cadaf5ecd72c737c3c34300bfb2b7830dd8daca5b68f3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: irvP4BsDngkhZRYKETb9MMHGN_v_8Nii
content-encoding: gzip
etag: "b213b27e7e4e1a955bbdeb5cead33438"
age: 437825
via: 1.1 varnish
x-cache: HIT
content-length: 98944
x-amz-id-2: RquL31XQWLIFhASTtz6S+AddGxPM86h/xlyYSGGvI3gVfDqUCU+nYgT4AwuvTJEx4bcVvyZpMxY=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 04 Oct 2021 17:43:45 GMT
server: AmazonS3
x-timer: S1633807252.649318,VS0,VE0
date: Sat, 09 Oct 2021 19:20:51 GMT
vary: Accept-Encoding
x-amz-request-id: B50MGWBGXF07MPMQ
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4132

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 6ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1633369424210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 557003
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: kDddomr1FHBih4KAUvS8DrOoS+9b6qzboqZmgx7LlEeRhwD/F3UiwxWp3WVrtZ/JyUcZcz3IN5k=
x-served-by: cache-hhn4074-HHN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1633807252.750668,VS0,VE0
date: Sat, 09 Oct 2021 19:20:51 GMT
vary: Accept-Encoding
x-amz-request-id: 3JBDPGF3RZM21Z5S
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 261331

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
415 B 157ms
111ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nZFfa8IwFMW%2FSsm7TeyUYagFcQwEhaEbjL2UkF41rM11ubf%2B%2Bfar1TkfhA0fk5yb8zvnpqOa134OXzUQR%2Fuq9KT3VAzFmnmjpdztdvHuIcawkolSXfk%2Bmy7sGiojLmL3t7jjPLHxFkQ0Iaph0h55KBKVdDtd1VGD1%2B5AJ0r3Vax6j4N%2Bb%2FAhoqeGyXnDDv3JgxqTElfOxx4Do48tVpIIpSs2cjGaTRMRPWOw0KYaiqUpqfV8MURuC5ebERGE479j9FRXEBYQts7C23z661Qdrm0mBXh2fJAja7H2LMmtvPOdk%2BRcx1DUwWs05Eh7UwFptvoIppNY6U1ARoulyNK2hvCfIfODKrJ7wFJ5ssrS85KhaMtpgjPsORpjtTHB0bFi2BvLDdy1YFw2AHNY3ol6c1tkqjJvBvKmkKUrQaIrbG6sBaKc8RMa6lsMWSpvhsjO8vNj9g0%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=D2Wp90T3uGDigv7r%2F1QuZ0e8OJ%2FrzcH3GTCDqMZc%2FzIYxhRdfWKaMJczWaeu7xe5oEt7BEdK7DTjQZiTkIBiCuqZtPnzSadrdj%2BreASD%2FrxzbvDfafSmPQN2hKOnIWILz35%2ByPz7fWvAoVzKujqAFchlN4o6JQphu2QH55SEyy3k4cjRKyBXTNGBE39PItmRKd%2BvcW6JkqvNuENTJvxFPpqrXmYUJXqgVEWqm3UnRleJVGmf8l1zE%2BW%2FS5Bdsag0vaAhq%2BssjVEAWbDplWWnoPLvGp877sRuYddVJan9qiwtzCz6BlJHG5J2%2B2LXxYzk7swPXrcX6O93D9R7Hzulaw%3D%3D&displang=deu&displocale=DEU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-blue-vsj8
date: Sat, 09 Oct 2021 19:20:51 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://login.norton.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 59
x-application-context: application:9090

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.norton.com/sso	1969-12-31 23:59:59	Name: JSESSIONID Value: A23C40556619FE1B6AA50D2272862A90.jvmroute8081
my.norton.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: sojpy5xggd1wjtj4llpybiio
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: 2$A926CB79BA5270E8C8CFBE83478C0C63\|ce0424ba158762c8\|0
my.norton.com/	1969-12-31 23:59:59	Name: IQBERAWQ Value: 02eec82c2f-6d55-44mHagbYV0wER9-x9N01YWRjAl_9gEAilxp-PRKRpZx7GU2EzR8JKi-DKL1JklfyLY1T8
my.norton.com/	1969-12-31 23:59:59	Name: __StateState_4cb3 Value: eyJSZXR1cm5VcmwiOiIvZXh0c3BhL2xpZmVsb2NrP3JlZGlyZWN0VXJsPSUyRmFsZXJ0cyUyRmluYm94In0=
login.norton.com/	1969-12-31 23:59:59	Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: de
.demdex.net/	1970-01-20 02:09:19	Name: demdex Value: 56363568287769748373769923003975154148
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
.norton.com/	1970-01-20 03:35:43	Name: s_nr Value: 1633807250894-New
.norton.com/	1970-01-20 03:35:43	Name: event69 Value: event69
.norton.com/	1970-01-20 06:35:43	Name: channelStack Value: s_eVar72~login
.norton.com/	1970-01-19 21:50:09	Name: s_gpv Value: login%3Age%3Alogin
.norton.com/	1970-01-19 21:50:09	Name: s_gpv_custom Value: login%3Alogin
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 06:35:43	Name: everest_g_v2 Value: g_surferid~YWHrkgAAABhvNgQf
.dpm.demdex.net/	1970-01-20 02:09:19	Name: dpm Value: 56363568287769748373769923003975154148
.norton.com/	1970-01-20 15:21:19	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 870038026%7CMCIDTS%7C18910%7CMCMID%7C56529387143013840043754433758949193045%7CMCAAMLH-1634412050%7C6%7CMCAAMB-1634412050%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1633814450s%7CNONE%7CMCSYNCSOP%7C411-18917%7CvVersion%7C5.0.0
norton-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 30672b6ee659f4c15cd88febac436a42
norton-app.quantummetric.com/	1970-01-20 06:35:43	Name: U Value: b29368fc2619c1500c93455f2bbeff4b
.norton.com/	1970-01-19 21:50:09	Name: QuantumMetricSessionID Value: 30672b6ee659f4c15cd88febac436a42
.norton.com/	1970-01-20 06:35:43	Name: QuantumMetricUserID Value: b29368fc2619c1500c93455f2bbeff4b
login.norton.com/	1970-01-20 06:35:43	Name: mdLogger Value: false
login.norton.com/	1970-01-20 06:35:43	Name: kampyle_userid Value: f841-ca63-283c-5945-3fb3-5df4-0bc4-8c1c
login.norton.com/	1970-01-20 06:35:43	Name: kampyleUserSession Value: 1633807251753
login.norton.com/	1970-01-20 06:35:43	Name: kampyleUserSessionsCount Value: 1
login.norton.com/	1970-01-20 06:35:43	Name: kampyleSessionPageCounter Value: 1
.norton.com/	1970-01-20 06:35:43	Name: cd_user_id Value: 17c6680394a446-0aaa94e5ae3c5e-a7d193d-1d4c00-17c6680394b11c2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu Message: Blocked script execution in 'https://my.norton.com/welcome/home?&displocale=iso3:DEU&displang=iso3:deu' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' appleid.cdn-apple.com stage.nortoncdn.com static.nortoncdn.com dpm.demdex.net nebula-cdn.kampyle.com oms.norton.com udc-neb.kampyle.com cm.everesttech.net data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com www.symantec.com cm.everesttech.net udc-neb.kampyle.com oms.norton.com assets.adobedtm.com cdn.quantummetric.com; frame-src * 'unsafe-inline'; worker-src blob:; child-src blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.quantummetric.com
cm.everesttech.net
dpm.demdex.net
lifelock.custhelp.com
login.norton.com
my.norton.com
nebula-cdn.kampyle.com
nexus.ensighten.com
norton-app.quantummetric.com
oms.norton.com
static.nortoncdn.com
symantec.demdex.net
udc-neb.kampyle.com
webapps.norton.com
130.35.3.146
137.117.34.60
15.236.176.210
151.101.65.175
172.67.20.158
18.197.253.20
18.200.208.216
23.193.32.242
23.193.32.35
34.248.191.66
35.222.211.90
35.241.45.82
40.118.234.43
40.78.18.193
52.17.95.93
0af58469e8f10b8bb5d5181f9b45bf71050d30273c34bbed9d0d9378bfd08053
0d09513e8b44e223d7352330ce43bf31a398a5edfe42d7d2517a593f4f963798
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
13b43efe4f07b06078be9438cee530c121b91b9b51f2b2f610390489bcc790f4
22f07c656500de41c51608e9298a6b609d36c598f9d6feadfa5112d7637b1b69
28e0f0567ced7786931e4e6702f083b645303331c0c75b463ab4d137bbb18658
3149a7616edfa653efdd9215460db5a32e3d56940c1ac06e89adb94c590b4428
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3f59659abf915ef77cf531ca98641bae585de63bfc83639f119b597de46fb013
53336cb2e9ebf6fd7f194a205ed8a2d77a37c110885824a900cfbeb557976bf9
5a06d02cefed765e895ca606dea3a29a10c300d23175bf56fa22bc9f772553e0
5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a
5cf57b1d41a0b87cd45e056c7a9585c74805144c3afb9a7846e3afbe81b134db
67e85c2e449e8f644bc8a50ff463905e2d6650a2ec3fcd3fc452e59a0cdc2ea9
736d33f30fde46ee92a4b549fd2c29c6b50e11fb3e4ad82c3782da908574e27e
792f4aea1c3d8ad21b4c04c61d599dea2ef0155c1ded1121dc4e16a5a16f1707
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
865b8a71cf5a4e934e691b0fb5db3eaf2566af5a322c305ab5cd3c8ddd5e437f
983fb5998e593ec7a06e7ff204363fee98cabf1fea5940be2fc6f028c4441724
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ba211d2712b72ae2426659394a0c3ae94097a572048d5a1cd6f8d0b3ddd92e1d
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
ccd79e3f42c79a56a8cadaf5ecd72c737c3c34300bfb2b7830dd8daca5b68f3d
e0432f5fa82609d651c0d4b26b9bc34477892d5e80c717aef162f11441a3a7c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f274a678eb758c7b9f54bd178f006a15899e3aae1abef4c44d9e00e8943bbf54
fd76429b1105fcc5d653f676ccf53376ffbcd7aa2bd548c03c926deeff584183
fda11f5931c31d575d9358c3042c9f2f54013e95bd2db73f8b6783f2e7d717fc

login.norton.com Open in urlscan Pro 137.117.34.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

0 %IPv6

9 Domains

15 Subdomains

14 IPs

4 Countries

1631 kBTransfer

3772 kBSize

27 Cookies

3 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.norton.com Open in urlscan Pro
137.117.34.60 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

0 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1631 kB
Transfer

3772 kB
Size

27
Cookies

34 HTTP transactions
0 data transactions