Report - symantecq.com/

Report Overview

URL

symantecq.com/
IP

63.141.242.46

ASN

#33387 NOCIX
Submitted

2023-01-30T08:11:28Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org (9)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3042	7977	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2374	35.241.9.150
symantecq.com (1)	unknown	2022-08-07T19:27:32Z	2023-01-29T09:11:22Z	345	435	63.141.242.46
ww2.affinity.net (3)	210044	2021-08-27T14:20:11Z	2023-03-12T17:01:21Z	1863	2733	216.139.248.127
ocsp.digicert.com (4)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1364	3067	93.184.220.29
buy-static.norton.com (1)	314087	2012-06-01T22:20:28Z	2023-03-09T20:44:35Z	499	742	2.18.172.34
oms.norton.com (1)	62996	2019-11-05T08:31:06Z	2023-03-13T08:39:18Z	3942	614	13.37.25.97
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
no.norton.com (55)	unknown	2012-07-21T18:58:30Z	2023-03-13T06:00:38Z	92066	375917	2.18.172.124
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
ocsp.godaddy.com (1)	698	2012-05-20T21:28:57Z	2023-03-13T05:12:19Z	340	2285	192.124.249.24
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3245	55912	34.120.237.76
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	54.149.229.221
buy.norton.com (3)	143146	2012-05-21T14:16:14Z	2023-03-13T08:39:18Z	1834	11596	23.32.109.171
assets.adobedtm.com (1)	512	2014-01-28T05:51:35Z	2023-03-13T05:29:24Z	401	62448	2.18.172.233
www.nortonlifelock.com (1)	38616	2019-11-05T05:47:23Z	2023-03-13T08:39:17Z	416	25261	23.38.200.126
dpm.demdex.net (1)	204	2012-05-22T07:45:05Z	2023-03-13T05:18:25Z	550	1119	34.250.33.236
ensighten.norton.com (4)	147224	2020-07-24T02:18:01Z	2023-03-13T08:39:17Z	13516	1150	63.34.68.24
symantec.tt.omtrdc.net (1)	120989	2012-05-21T14:16:11Z	2023-03-13T08:39:18Z	1930	888	63.34.41.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	symantecq.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (97)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

a2104f935c638b4767ca5ae0d738ef23

85c6af15af749be0ceeae6de17c36925b750f166

5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2338
Expires: Mon, 30 Jan 2023 08:50:15 GMT
Date: Mon, 30 Jan 2023 08:11:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3eb88dea4fe00db1182370e72683c3ab

ca520abf1e91bfd2aef40c6a1270a911071e8922

d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16380
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 08:11:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 07:35:42 GMT
content-type: application/json
age: 2135
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

09ee4b0fe6cf4ca5ed31b24452338d00

7e62b6e20f0d4737f4a8d94f9818a0883027839e

56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11400
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 08:11:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: T8pB/gqX8YaWv440GhfL9vmmblJRfd+AZNhOkIIfecU5TdosZpJ4I9EasvAVCRgL2Sg6MeUtO0E=
x-amz-request-id: CNHQ7PZAVSSMTS98
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 07:21:42 GMT
age: 2975
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 08:11:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 07:41:41 GMT
age: 1777
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

symantecq.com/

63.141.242.46

302 Found

URL HTTP/1.1

symantecq.com/
IP

63.141.242.46:0
ASN

#33387 NOCIX

Magic

ASCII text, with no line terminators

Size

11
Hash

32682312d17c7cbf18e73594f5570319

60e22121bdd0bc71cdb2bae2a3aa577006b2eae9

e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET / HTTP/1.1
Host: symantecq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 30 Jan 2023 08:11:17 GMT
location: https://ww2.affinity.net/fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ==
server: nginx
set-cookie: sid=ac12e2ea-a075-11ed-b720-33338ad75659; path=/; domain=.symantecq.com; expires=Sat, 17 Feb 2091 11:25:25 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

22b9916fc1fafc9bdc9bb37f9eac8a9a

86f640e134a741a0f906a8e3a0f5c6659dd0e394

a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11367
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 08:11:18 GMT
Connection: keep-alive

push.services.mozilla.com/

54.149.229.221

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

54.149.229.221:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QCaKpqX+LWuO779NHGdCmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e6Wkr/uvhjbUOGFYq0aQd8//RSM=

ocsp.godaddy.com/

192.124.249.24

200 OK

1777

URL HTTP/1.1

ocsp.godaddy.com/
IP

192.124.249.24:0
ASN

#30148 SUCURI-SEC

Magic

data

Size

1777
Hash

decea7b53db9ec8acd1017e5c5aa418a

427b2795e97f492e1811fd7ab4697cdb5e970222

0a9575b82aa6d5f365f7612c875ef6eeac54913e5a2b2c7882afdd4e6710c2bf

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 08:11:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 21:06:11 GMT
Expires: Mon, 30 Jan 2023 21:06:11 GMT
ETag: "427b2795e97f492e1811fd7ab4697cdb5e970222"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ww2.affinity.net/fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ==

216.139.248.127

200 OK

1937

URL HTTP/1.1

ww2.affinity.net/fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ==
IP

216.139.248.127:0
ASN

#32400 HWSERVICES-32400

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

1937
Hash

b97024ad62411de2e5a8ecd1f96d1537

a18128d0ce53cfa48b314b02db352e3097d2e78d

2fe67f82e6b490bcd58a17b8609744d50c94eeb31b600492e9759bb870f2aef0

HTTP Headers

                                        GET /fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ== HTTP/1.1
Host: ww2.affinity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 08:11:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

ww2.affinity.net/fly1?sid=128927&sa=113&p=1&s=71612&qt=1675066277&q=&rf=&enc=&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ%3D%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=30bac1b9457b89b7&qxsi=5c30a2b77a47e964&mk=1&sx=1280&sy=1024&bx=1152&by=836&mx=0&my=0&ifm=0&ol=f0d7a424e8b5fb3c&tm=1675066278.964&etm=1675066278.9702&ls=0&lbc=0&lac=0&cskey=law24&ipspm=&no_capp=2

216.139.248.127

302 Moved Temporarily

URL HTTP/1.1

ww2.affinity.net/fly1?sid=128927&sa=113&p=1&s=71612&qt=1675066277&q=&rf=&enc=&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ%3D%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=30bac1b9457b89b7&qxsi=5c30a2b77a47e964&mk=1&sx=1280&sy=1024&bx=1152&by=836&mx=0&my=0&ifm=0&ol=f0d7a424e8b5fb3c&tm=1675066278.964&etm=1675066278.9702&ls=0&lbc=0&lac=0&cskey=law24&ipspm=&no_capp=2
IP

216.139.248.127:0
ASN

#32400 HWSERVICES-32400

Magic

very short file (no magic)

Size

1
Hash

68b329da9893e34099c7d8ad5cb9c940

adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

                                        GET /fly1?sid=128927&sa=113&p=1&s=71612&qt=1675066277&q=&rf=&enc=&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ%3D%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=30bac1b9457b89b7&qxsi=5c30a2b77a47e964&mk=1&sx=1280&sy=1024&bx=1152&by=836&mx=0&my=0&ifm=0&ol=f0d7a424e8b5fb3c&tm=1675066278.964&etm=1675066278.9702&ls=0&lbc=0&lac=0&cskey=law24&ipspm=&no_capp=2 HTTP/1.1
Host: ww2.affinity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.affinity.net/fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 30 Jan 2023 08:11:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-P0: 0
Location: https://buy.norton.com/ps_ant_nortoncom_super?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23

ww2.affinity.net/favicon.ico

216.139.248.127

403 Forbidden

124

URL HTTP/1.1

ww2.affinity.net/favicon.ico
IP

216.139.248.127:0
ASN

#32400 HWSERVICES-32400

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

124
Hash

80ff30e30f74d57436c9c3a1dfd2d13f

fd4d4cfdd4825a27a08e53ba04413f3c772d5828

d914475b45d59138e1f1e1407e7fd0351635febbf396144eb9cf2eba89c507c3

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: ww2.affinity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.affinity.net/fly?no_capp=2&enk=MTI4OTI3fDExM3wxfDcxNjEyfDE2NzUwNjYyNzd8MXwxfDEzNQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 30 Jan 2023 08:11:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

5c5bc701375ee726e789d906137c3327

82ae36f943c89e5b60c12f2b09ab2e6b866b3c75

6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:11:19 GMT
Last-Modified: Mon, 30 Jan 2023 06:23:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

buy.norton.com/ps_ant_nortoncom_super?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23

23.32.109.171

302 Found

URL HTTP/2

buy.norton.com/ps_ant_nortoncom_super?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
IP

23.32.109.171:0
ASN

#16625 AKAMAI-AS

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /ps_ant_nortoncom_super?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23 HTTP/1.1
Host: buy.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww2.affinity.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/2 302 Found
content-length: 0
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-226858694", dtSInfo;desc="0"
requestid: ed7bc15e54a50000
x-frame-options: DENY
location: http://buy-static.norton.com/norton/ps/super_ant_nortoncom.html?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
strict-transport-security: max-age=31536000; includeSubDomains
expires: Mon, 30 Jan 2023 08:11:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 08:11:19 GMT
set-cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; Path=/; Domain=.norton.com
JSESSIONID=2A87BBF23C02022B7D4E40B22B9BF539; Path=/; HttpOnly
X-CSRF-TOKEN=p4lnDEJIU3m7Nbu6BQqtMOJ0TFTWPpZ19943mgkAcsE_; Domain=buy.norton.com; Path=/; Secure
cv=exist; Domain=.norton.com; Path=/; Secure
SSE=""; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
COUNTRY=NO; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
LANGUAGE=no; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368;  Secure; Path=/; Max-Age=3888000; Domain=.norton.com
PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; Version=1; Domain=.norton.com; Max-Age=3888000; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
PROGRAM_TYPE=PaidSearch; Domain=.norton.com; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
SHOPPERID=""; Domain=.norton.com; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
LSTID=""; Domain=.norton.com; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
IRCID=""; Domain=.norton.com; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
clickid=""; Domain=.norton.com; Expires=Thu, 16-Mar-2023 08:11:19 GMT; Path=/; Secure
TLID=2A87BBF23C02022B7D4E40B22B9BF539; Domain=.norton.com; Expires=Wed, 01-Mar-2023 08:11:19 GMT; Path=/; Secure
ESID=027569f588-be01-426WrdohFRuGNKJaGy99aw5w9X-qJjK4qQWubH3JzNUp7RRVBgwEntzh0T8UOKklaCNNE; path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7389
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7389
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7389
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7389
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7389
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg

34.120.237.76

200 OK

9167

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9167
Hash

3be81f83687ddb6c93d3ff3c09a9dba2

50a48e737310d3f31840db4301b25927fbcc12c5

e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 41102
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7679

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

7679
Hash

3e04b9eaf7449828136ad59e4c9d69f1

b820be4ed885dcf288eb6460c57e1fa7b1c7c476

df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 37150
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9457

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9457
Hash

51aa950d5eed7b90cab6632107092edc

e4388ced02e5576867e77547496dec1ac2338ef7

588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 36641
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3678

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

3678
Hash

e8d680cbaee5ef3e7b8e09b174ed6ecf

6651a0d3041920798240ea67e827c3d458769fa9

4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or8AGZIZTzP_EuRHaCfCNrdPQIw2OQW37MKvOTFQIQgO0h18ct0-Xg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:10 GMT
age: 34629
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11095

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11095
Hash

bb1a5e0a2bb1cacf87189373c118adf4

079974268f755aa38fb2cb32b8bcb748353c793f

1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: t1IqXPqG23nYmxAPOJFaZhKDD49KD8fREs8L59AGjx-1AzoQOeSO0A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 37091
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8464

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8464
Hash

fe31ee140c2fd62e616c8a1edc9e78bb

7aa5fbdc8156514770ae620e81f1afef1c77890f

799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 36958
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

buy-static.norton.com/norton/ps/super_ant_nortoncom.html?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23

2.18.172.34

200 OK

415

URL HTTP/1.1

buy-static.norton.com/norton/ps/super_ant_nortoncom.html?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
IP

2.18.172.34:0
ASN

#16625 AKAMAI-AS

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

415
Hash

04994bd3c58d38ad3fa4558945ec3933

dfe1c040e62e4cfc1acb683314765823d53bffb7

bce9c7f423185fec8d5e4ebe82a543f6e352b96c6368c2d338f3fc342871f61f

HTTP Headers

                                        GET /norton/ps/super_ant_nortoncom.html?lp=products&nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23 HTTP/1.1
Host: buy-static.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Apache
Last-Modified: Tue, 17 Jun 2014 16:31:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 415
Unused62: 8096267
Date: Mon, 30 Jan 2023 08:11:20 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=0

no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23

2.18.172.124

301 Moved Permanently

URL HTTP/1.1

no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23 HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buy-static.norton.com/
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Date: Mon, 30 Jan 2023 08:11:20 GMT
Connection: keep-alive

no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23

2.18.172.124

200 OK

20291

URL HTTP/2

no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6716), with CRLF, LF line terminators

Size

20291
Hash

3c6dc87110b92c2dca19c62ad4d6dd4d

c539b50b2194849e614f79eec12730ad7a39d789

df99f9eebef2f6ab20006580f6ec64a2ffd09454b01c8c9fe5982659376dedbe

HTTP Headers

                                        GET /products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23 HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buy-static.norton.com/
Connection: keep-alive
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 20291
server: Apache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

2.18.172.233

200 OK

61968

URL HTTP/2

assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
IP

2.18.172.233:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (32763)

Size

61968
Hash

f4065d5a18f46e1c0044885e03f0d271

5a7ba03b41a742fdab9607699b81b4717c175f76

f49aef0b24f9d270c702e8db9f9d86a42bddaffc146e825c096c566c5a8a3bde

HTTP Headers

                                        GET /launch-EN1cc7556280444b10a3c687a73ed01baa.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f7c3e5d36a96fbe703ed1e82ec606f95:1673287776.82374"
last-modified: Mon, 09 Jan 2023 18:09:36 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 30 Jan 2023 09:11:20 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
content-length: 61968
access-control-allow-origin: https://no.norton.com
timing-allow-origin: *
X-Firefox-Spdy: h2

no.norton.com/content/dam/norton/cb/icon_ui_search_m_2x.png

2.18.172.124

200 OK

700

URL HTTP/2

no.norton.com/content/dam/norton/cb/icon_ui_search_m_2x.png
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced\012- data

Size

700
Hash

a66b10b5be39deece1cc463d54135573

f7308d3ee8c94db6b27cfcd844d7b4d078f763d9

963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7

HTTP Headers

                                        GET /content/dam/norton/cb/icon_ui_search_m_2x.png HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: image/png
content-length: 700
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: attachment
x-content-type-options: nosniff, nosniff
last-modified: Wed, 23 Mar 2022 03:26:20 GMT
etag: "2bc-5dada4b068f00"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31226150
expires: Fri, 26 Jan 2024 18:07:10 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.281b876ca0ce047d8e27ecae04e90a9a.css

2.18.172.124

200 OK

2071

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.281b876ca0ce047d8e27ecae04e90a9a.css
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (10926), with no line terminators

Size

2071
Hash

6b93cd7fe31629bca296c8fcbbd7cec9

8ced78dbc112ad605fc4956a3534b57133249144

2b17af0ae8087faa811414febf9fe28700b9fbd1a6c3ec7c7b580181259c000d

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/topnav.min.281b876ca0ce047d8e27ecae04e90a9a.css HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 2071
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Thu, 02 Jun 2022 17:45:12 GMT
etag: "2aae-5e07a914e1a00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31226254
expires: Fri, 26 Jan 2024 18:08:54 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/runtime.min.3e509b6fbb60e3bacdc070373e53e258.js

2.18.172.124

200 OK

722

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/runtime.min.3e509b6fbb60e3bacdc070373e53e258.js
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (1492), with no line terminators

Size

722
Hash

55ccc93627558059cde0c7b7661751cb

d6b5e877cc3193928e886126c985f3905f24c731

eb13a20a3abbc8fb36e88156c5fb2fbcc599071b5e1b1c5752acd90d70301454

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/templates/runtime.min.3e509b6fbb60e3bacdc070373e53e258.js HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 722
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 13 Apr 2022 07:32:50 GMT
etag: "5d4-5dc842f3eec80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31226157
expires: Fri, 26 Jan 2024 18:07:17 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/freetrialmodal.min.fd8bf126fd023d8cede95776e4fb0850.css

2.18.172.124

200 OK

661

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/freetrialmodal.min.fd8bf126fd023d8cede95776e4fb0850.css
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (2048), with no line terminators

Size

661
Hash

e3985fbb7b32b39913edf10b097f28ce

7e93577f798e38e779329e6b74d711a62bcd1ffa

30aaa230bfeead0d94c206fa5a094621118acc7adcc9791e7f565f0eebd6040c

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/freetrialmodal.min.fd8bf126fd023d8cede95776e4fb0850.css HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 661
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 18 Jan 2023 20:55:57 GMT
etag: "800-5f2900afb3140-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30616485
expires: Fri, 19 Jan 2024 16:46:05 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.89b130ceb969295e51bac4c9bd335e19.js

2.18.172.124

200 OK

2579

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.89b130ceb969295e51bac4c9bd335e19.js
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (7755), with no line terminators

Size

2579
Hash

aa6a6437863583b3a497b290df8a2774

9d04c705f04d4cf046af1747f5dc5cbcc8e442f8

429725918545441bebf4d439aff8f8ffbc239376a3bfa7f8cc755da073740253

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.89b130ceb969295e51bac4c9bd335e19.js HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 2579
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 18 Jan 2023 20:55:57 GMT
etag: "1e4b-5f2900afb3140-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30616545
expires: Fri, 19 Jan 2024 16:47:05 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/icon-navigation.min.fb9bc28cb5ff03b47743759652846863.css

2.18.172.124

200 OK

647

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/icon-navigation.min.fb9bc28cb5ff03b47743759652846863.css
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (2328), with no line terminators

Size

647
Hash

5c802082d69c2b34b739a9a986ffec44

c24858b822af56c031b2c9924d7d7b436cbcc9da

c8c280f9a17d996d85fa5a2106ced6a136d69c5e553e66d1cd99f9f08dea80d8

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/icon-navigation.min.fb9bc28cb5ff03b47743759652846863.css HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 647
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Thu, 25 Aug 2022 19:18:09 GMT
etag: "918-5e715a863de40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31226729
expires: Fri, 26 Jan 2024 18:16:49 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.dbb69453aba0cdf950216bdb7434ab55.js

2.18.172.124

200 OK

2234

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.dbb69453aba0cdf950216bdb7434ab55.js
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

C source, ASCII text, with very long lines (8179), with no line terminators

Size

2234
Hash

54b774acecf137798d8a3988cf442f42

47bd437c32bf1d687a49f60ee7bc23269abd57c0

cbad135f7fbde0a190179f7f8fa610f90da8c9e5815d9631b1f68b0047958280

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/topnav.min.dbb69453aba0cdf950216bdb7434ab55.js HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 2234
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 18 Jan 2023 20:55:57 GMT
etag: "1ff3-5f2900afb3140-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30547381
expires: Thu, 18 Jan 2024 21:34:21 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.87291e81e7d648bf27350c276b76287a.js

2.18.172.124

200 OK

808

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.87291e81e7d648bf27350c276b76287a.js
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (1932), with no line terminators

Size

808
Hash

bf5b7056defa7b2313418ad907f2ce77

1c556a32972be2f180fbf7b979219df29f21bd2e

ff413f193b513f152a229b9717c314441dbe5e3c14f8027abe5db0c083817af2

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/text.min.87291e81e7d648bf27350c276b76287a.js HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 808
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 18 Jan 2023 20:55:57 GMT
etag: "78c-5f2900afb3140-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30547354
expires: Thu, 18 Jan 2024 21:33:54 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.c02bb7423ea9ba33855c1b144ad6766c.css

2.18.172.124

200 OK

559

URL HTTP/2

no.norton.com/etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.c02bb7423ea9ba33855c1b144ad6766c.css
IP

2.18.172.124:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (1759), with no line terminators

Size

559
Hash

5aabe4df507973071ecd833de2a11ded

f2be10c6efc4ba953c4845b0f635393d5b0d84f7

4171aca2c3609a03bdf77839435f6289d2f29c640bc824bfb668d3efeb1b79db

HTTP Headers

                                        GET /etc.clientlibs/norton/clientlibs/generated/components/modal-trigger.min.c02bb7423ea9ba33855c1b144ad6766c.css HTTP/1.1
Host: no.norton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.norton.com/products?nortoncountry=NO&om_sem_cid=hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23
Cookie: dtCookie=v_4_srv_4_sn_E0ACD0BBD629199B3A98EF35DF1D2995_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0; cv=exist; SSE=""; es=4e56533d317c5353473d7c4643443d4a616e2d33302d323032332030303a31313a31397c4c43443d4a616e2d33302d323032332030303a31313a3139; tp=4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30312f33302f323032337c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6f7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d706169647365617263687c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d; COUNTRY=NO; LANGUAGE=no; pr=5043443d30312d33302d323032337c5049443d68686f5f73656d5f73793a6e6f3a6166663a6e6f3a653a62723a6b77303030303030353831373a37356130326635356561643631343264633735613063393833323166626332337c5349443d7c5054593d50616964536561726368; PROGRAMID="hho_sem_sy:no:aff:no:e:br:kw0000005817:75a02f55ead6142dc75a0c98321fbc23"; PROGRAM_TYPE=PaidSearch; SHOPPERID=""; LSTID=""; IRCID=""; clickid=""; TLID=2A87BBF23C02022B7D4E40B22B9BF539
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 559
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
last-modified: Wed, 19 Oct 2022 18:51:47 GMT
etag: "6df-5eb67b35e16c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30616443
expires: Fri, 19 Jan 2024 16:45:23 GMT
date: Mon, 30 Jan 2023 08:11:20 GMT
X-Firefox-Spdy: h2

no.norton.com/content/dam/norton/cb/icon_ui_cart_empty_m_2x.png

2.18.172.124

200 OK

684

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

#1 JS:Script (size: 376)

#2 JS:Script (size: 604)

#3 JS:Script (size: 2753)

#4 JS:Script (size: 2682)

#5 JS:Script (size: 7755)

#6 JS:Script (size: 8179)

#7 JS:Script (size: 6726)

#8 JS:Script (size: 49107)

#9 JS:Script (size: 35412)

#10 JS:Script (size: 796)

#11 JS:Script (size: 188057)

#12 JS:Script (size: 1932)

#13 JS:Script (size: 537)

#14 JS:Script (size: 3584)

#15 JS:Script (size: 1840)

#16 JS:Script (size: 3994)

#17 JS:Script (size: 992)

#18 JS:Script (size: 596673)

#19 JS:Script (size: 4149)

#20 JS:Script (size: 43)

#21 JS:Script (size: 1492)

#22 JS:Script (size: 18348)

#23 JS:Script (size: 76357)

#24 JS:Script (size: 1496)

#25 JS:Script (size: 3757)

#1 JS:Eval (size: 265)

#2 JS:Eval (size: 438)

#3 JS:Eval (size: 300)

HTTP Transactions (97)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash