Submitted URL: https://login.coinbase.accounts.w7th.us/
Effective URL: https://search.norton.com/nsssOnboarding
Submission: On October 22 via api from JP — Scanned from US

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 15 HTTP transactions. The main IP is 23.100.35.63, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is search.norton.com. The Cisco Umbrella rank of the primary domain is 333647.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 4th 2022. Valid for: a year.
This is the only time search.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.252.104.2 20068 (HAWKHOST)
2 23.100.35.63 8075 (MICROSOFT...)
10 23.64.61.39 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
15 4
Apex Domain
Subdomains
Transfer
10 nortoncdn.com
static.nortoncdn.com — Cisco Umbrella Rank: 25605
4 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 norton.com
search.norton.com — Cisco Umbrella Rank: 333647
30 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
440 B
1 w7th.us
login.coinbase.accounts.w7th.us
416 B
15 5
Domain Requested by
10 static.nortoncdn.com search.norton.com
static.nortoncdn.com
2 www.google-analytics.com search.norton.com
www.google-analytics.com
2 search.norton.com search.norton.com
1 stats.g.doubleclick.net www.google-analytics.com
1 login.coinbase.accounts.w7th.us 1 redirects
15 5

This site contains links to these domains. Also see Links.

Domain
sitedirector.norton.com
Subject Issuer Validity Valid
search.norton.com
DigiCert SHA2 Extended Validation Server CA
2022-03-04 -
2023-04-04
a year crt.sh
store.norton.com
DigiCert SHA2 Extended Validation Server CA
2022-02-18 -
2023-03-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh

This page contains 1 frames:

Primary Page: https://search.norton.com/nsssOnboarding
Frame ID: 4E01AFCC2FCFC6E41897C61ADEAC2135
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Browsing Protection

Page URL History Show full URLs

  1. https://login.coinbase.accounts.w7th.us/ HTTP 302
    https://search.norton.com/nsssOnboarding Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

15
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

3825 kB
Transfer

5017 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.coinbase.accounts.w7th.us/ HTTP 302
    https://search.norton.com/nsssOnboarding Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request nsssOnboarding
search.norton.com/
Redirect Chain
  • https://login.coinbase.accounts.w7th.us/
  • https://search.norton.com/nsssOnboarding
2 KB
2 KB
Document
General
Full URL
https://search.norton.com/nsssOnboarding
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.100.35.63 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
safesearchportalv2 / Express
Resource Hash
f06022cbcbed4ea90dd408a7afcb42a480cb0bca9cf39a0e752127128cb792ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
1663
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Oct 2022 17:01:42 GMT
ETag
W/"67f-Jrvqf3zWUdDE7nPQq1PzlYOYD94"
Referrer-Policy
no-referrer-when-downgrade
Server
safesearchportalv2
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
deny
X-Powered-By
Express

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Oct 2022 17:01:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://search.norton.com/nsssOnboarding
Pragma
no-cache
Server
Apache
nsssOnboardingPage.css
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3a8c9248d0003807b5e18f42aee403507c0b79793972465c85c8280e97b3f389

Request headers

Referer
https://search.norton.com/nsssOnboarding
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 10:29:40 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
E/ii+ph98oWRArTJZbmY8g==
etag
"0x8DAB02A7FDBE70B"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
250ed9d7-801e-001d-1d49-e31216000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
2147
symantec-sans_light.woff
search.norton.com/fonts/
27 KB
28 KB
Font
General
Full URL
https://search.norton.com/fonts/symantec-sans_light.woff
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.100.35.63 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
safesearchportalv1 /
Resource Hash
5bbb1c3a8657e9a5d46d42ff7c8850ea93120915219394b03d9f17bb387e82e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://search.norton.com/nsssOnboarding
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 17:01:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 16 Oct 2022 23:46:16 GMT
Server
safesearchportalv1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
deny
Content-Type
font/woff
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27992
symantec-sans_bold.woff
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/
27 KB
28 KB
Font
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/symantec-sans_bold.woff
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62b33bcc1089c2ca1ea53e9b3ee5a00479c58e813d6281d48391a14f7cdf3858

Request headers

Referer
https://search.norton.com/nsssOnboarding
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:27:51 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
7MKZKJe2xubbPNNYYyC3Hg==
etag
"0x8DAB02A3F0A51AB"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
e02295fe-801e-0022-5ce5-e2dab5000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
27884
symantec-sans_regular.woff
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/
27 KB
28 KB
Font
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/symantec-sans_regular.woff
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea93edf14f7d8332f7173253d6709de07967039085aa10cca972e75f9d8b3454

Request headers

Referer
https://search.norton.com/nsssOnboarding
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:28:01 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
j7ECl/KkJKrSQuiBPRWcsA==
etag
"0x8DAB02A44F45BCB"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
36de4b5c-a01e-009c-34e5-e2b2cc000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
28156
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://search.norton.com/nsssOnboarding
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 16:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1604
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 22 Oct 2022 18:34:58 GMT
nsssOnboardingPage.js
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/js/
1 MB
357 KB
Script
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/js/nsssOnboardingPage.js?ver=2.0.0
Requested by
Host: search.norton.com
URL: https://search.norton.com/nsssOnboarding
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6859fe9255c00340db66269ccc0203e2ac77616b88139e478bc8437875c87868

Request headers

Referer
https://search.norton.com/nsssOnboarding
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 10:29:34 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
2rf09TpzmobtokN7sZ88mA==
etag
"0x8DAB02A7C4B06A1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
000941f1-901e-0001-35b7-e44076000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
364387
translation.json
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/locales/en/
18 KB
4 KB
Fetch
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/locales/en/translation.json
Requested by
Host:
URL: webpack-internal:///181
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3261e9835d5ee943168b359633c0b3491a6339ec1add21d6ad74fa1d148ee66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://search.norton.com/nsssOnboarding
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 10:29:44 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
+eE3f3zoL3lmqvjYQiHSZg==
etag
"0x8DAB02A82242329"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b850558c-501e-001e-7de5-e2f372000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
3922
norton-nstar-logo-black.svg
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/
5 KB
2 KB
Image
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/norton-nstar-logo-black.svg
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d5175109cd3868c7cb19e72c8ae3c604e823431d2e54ae657ebb70837f50c83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 10:29:02 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
0eIduwDfKG15bKGjqCqWFA==
etag
"0x8DAB02A6962C46A"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c4ca7c7f-801e-007f-1f18-e3d031000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1991
nl-bg-sss-banner-1-2x.png
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/
3 MB
3 MB
Image
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/nl-bg-sss-banner-1-2x.png
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0d48f231d9a2cd4f827fade37641596623a01d6bbd10681c15c2872037ff6c5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:28:31 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
y4AG547uyzO6YnzU7cnMQw==
etag
"0x8DAB02A566EC40C"
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
74a1a2ae-101e-000f-1a00-e369c6000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
3385745
chrome-web-store-badge.png
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/
4 KB
4 KB
Image
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/chrome-web-store-badge.png
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7493015148369fec53d07c1fc1ddce84b5639a2687284c9555f27c8c7e8ef8b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:28:08 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
78tPA73vvMFLrA9fVAWosw==
etag
"0x8DAB02A4919508A"
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
ccc735a5-b01e-0080-62e5-e2e0ac000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
3762
extension-icons-sprite.png
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/
7 KB
7 KB
Image
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/images/extension-icons-sprite.png
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18495186dfb88e96c816d226413c509b0a7bd8c2dae2564d3322ba90ac68510e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:28:12 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
6ZM8ki6UIa9hOiE7z49lNw==
etag
"0x8DAB02A4B5D2085"
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
2ac10794-c01e-0041-48e5-e2474e000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
6699
symantec-sans_light.woff
static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/
27 KB
28 KB
Font
General
Full URL
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/fonts/symantec-sans_light.woff
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.39 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-39.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bbb1c3a8657e9a5d46d42ff7c8850ea93120915219394b03d9f17bb387e82e8

Request headers

Referer
https://static.nortoncdn.com/safesearchwebapp/prod/2.7.0-9/css/nsssOnboardingPage.css?ver=2.0.0
Origin
https://search.norton.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:01:42 GMT
last-modified
Mon, 17 Oct 2022 10:27:56 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
iWhprxXdHlueJI+HZ56Itw==
etag
"0x8DAB02A4208A439"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
f6cc35f8-801e-0032-6ee5-e21fdd000000
cache-control
max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
27992
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=56106629&t=pageview&_s=1&dl=https%3A%2F%2Fsearch.norton.com%2FnsssOnboarding&ul=en-us&de=UTF-8&dt=Browsing%20Protection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=451350465&gjid=352168474&cid=817460863.1666458103&tid=UA-56933128-1&_gid=1903255979.1666458103&_r=1&_slc=1&z=839144555
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://search.norton.com/nsssOnboarding
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:01:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://search.norton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-56933128-1&cid=817460863.1666458103&jid=451350465&gjid=352168474&_gid=1903255979.1666458103&_u=KEBAAEAAAAAAACAAI~&z=811781245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://search.norton.com/nsssOnboarding
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 22 Oct 2022 17:01:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://search.norton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| userDetectedLanguage function| ga object| regeneratorRuntime object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
login.coinbase.accounts.w7th.us/ Name: PHPSESSID
Value: 44e5d19c89ae93f63e0638b5c71bdc0e
search.norton.com/ Name: IQBERAWQ
Value: 02eec82c2f-6d55-44NY3bZ_ByR1WVu9uC7LARsmWDWjJdl9T2t62V8PiBaibGxJAl-F4jWo5_6GsQ48asyu4
.norton.com/ Name: _ga
Value: GA1.2.817460863.1666458103
.norton.com/ Name: _gid
Value: GA1.2.1903255979.1666458103
.norton.com/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
javascript warning URL: https://search.norton.com/nsssOnboarding
Message:
The resource https://search.norton.com/fonts/symantec-sans_light.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny