URL: https://norvowbeta.pages.dev/robots.txt
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 16 via api from IT — Scanned from IT

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 36 HTTP transactions. The main IP is 172.66.45.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is norvowbeta.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 16th 2024. Valid for: 3 months.
This is the only time norvowbeta.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 172.66.45.36 13335 (CLOUDFLAR...)
8 104.17.25.14 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
1 104.16.139.209 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
6 216.58.206.67 15169 (GOOGLE)
2 104.16.111.254 13335 (CLOUDFLAR...)
1 172.64.153.27 13335 (CLOUDFLAR...)
1 104.16.78.142 13335 (CLOUDFLAR...)
1 104.16.160.168 13335 (CLOUDFLAR...)
3 104.16.118.116 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
1 104.16.117.116 13335 (CLOUDFLAR...)
36 13
Apex Domain
Subdomains
Transfer
9 pages.dev
norvowbeta.pages.dev
401 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
126 KB
6 gstatic.com
fonts.gstatic.com
117 KB
4 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4890
track.hubspot.com — Cisco Umbrella Rank: 2393
app.hubspot.com — Cisco Umbrella Rank: 5794
3 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4572
forms.hscollectedforms.net — Cisco Umbrella Rank: 4722
26 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4333
884 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2225
21 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4801
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2189
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2460
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
30 KB
36 12
Domain Requested by
9 norvowbeta.pages.dev norvowbeta.pages.dev
8 cdnjs.cloudflare.com norvowbeta.pages.dev
cdnjs.cloudflare.com
6 fonts.gstatic.com fonts.googleapis.com
2 api.hubspot.com js.usemessages.com
1 app.hubspot.com js.usemessages.com
1 track.hubspot.com
1 forms.hsforms.com norvowbeta.pages.dev
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 fonts.googleapis.com norvowbeta.pages.dev
1 js.hs-scripts.com norvowbeta.pages.dev
1 code.jquery.com norvowbeta.pages.dev
36 15

This site contains links to these domains. Also see Links.

Domain
youtube.com
www.tiktok.com
Subject Issuer Validity Valid
norvowbeta.pages.dev
GTS CA 1P5
2024-05-16 -
2024-08-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
hs-scripts.com
E1
2024-04-01 -
2024-06-30
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
hscollectedforms.net
E1
2024-03-29 -
2024-06-27
3 months crt.sh
hs-banner.com
E1
2024-04-01 -
2024-06-30
3 months crt.sh
usemessages.com
E1
2024-04-12 -
2024-07-11
3 months crt.sh
hs-analytics.net
GTS CA 1P5
2024-04-13 -
2024-07-12
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
hsforms.com
GTS CA 1P5
2024-04-17 -
2024-07-16
3 months crt.sh

This page contains 2 frames:

Primary Page: https://norvowbeta.pages.dev/robots.txt
Frame ID: 40B79A4E4B0D785D78AD78A53FBE4EDF
Requests: 34 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/23907078/threads/utk/dc0a1127075f41d1ac526917c62a5f17?uuid=03f0bdd088604b5982c49149bcb17009&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=norvowbeta.pages.dev&inApp53=false&messagesUtk=dc0a1127075f41d1ac526917c62a5f17&url=https%3A%2F%2Fnorvowbeta.pages.dev%2Frobots.txt&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: D564BA57C787C1261A43851813A4AB00
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Norvow Mobile

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

2
Countries

775 kB
Transfer

1171 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request robots.txt
norvowbeta.pages.dev/
6 KB
2 KB
Document
General
Full URL
https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c483156e4f25ebbbb9fa8d08bfca81225e4ef309d27958d13f107d310ab7c365
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
88489487cd407945-PMO
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 04:21:18 GMT
etag
W/"1766c976b0c7cab64f6d726a8f44e106"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogugY90Hi%2BPnZu8ifawzwCqukg4aX8rWgJEigqtWgX5b98raOQnWslvVYIDxeKZpvp6P9Wy1EN4ZpyKmuMr%2BZwLnSbFyz%2FS1YXSPedSAWKkipQYobSQQvgQ2wazmCeIMIYCe%2F%2BA8%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
style.css
norvowbeta.pages.dev/
14 KB
3 KB
Stylesheet
General
Full URL
https://norvowbeta.pages.dev/style.css
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b8b8010aafc7b57ce17deb44ca6fb943a4b70debdb114b763b82cb763cd7a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"376cd08010a33f13ce693a8adb12e92e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOc3lGUjMiNXSvKjd69Z72d89C3QAE5FyUZgeHd905BBxXtFyIb145vgPSfy8Lb9CX04HJZp4bBFU0rIL%2Fi0SgvYkzFxVgTiIsPbDR0Fhw1rWL9oRr14t%2BPzrECdij%2F8eSBcs3G15Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
884894891e097945-PMO
alt-svc
h3=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
106533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Sat, 06 Jan 2024 21:52:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bda5-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRXzq2n1txEaf0BpTIngdzUYeTvx45%2Fpn4IKlW07IGNBgMFqC0hvC3VkMHWTAvcGBqnLeWXodYPeWoBfv6d%2FxpTYp2zV96nsbbBI8PO4bRjPO8dLPezwqWxPJ5HnwidnSfPdQARN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f397c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1689452
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-pmo2280031-PMO
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715833279.002810,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
73, 75816
typed.min.js
cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.11/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.11/typed.min.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2cdc1f6dea82d7be6a219947193adc1c46532a10ac04195681f6cca53dbac3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
26962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3089
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-2de4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SR5y2gRu29tuP1vvARGK19VUj6tMDAgPHwKVIbWFqdPDD0xsjaPQH4B%2FABRVX0YrQ0bUTU3ZTFqFjaQO7%2ByhGENGS9ZU1bD4KB5eAbEFj48CKfYy%2BrCyYf%2FDU3ls3esU34Ds%2FCzj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f3a7c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/
9 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
691929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2417
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKGnf%2BT07gDba9Ss0zLXrDz9HeDKZQy4%2BuSrsW3PObiaMFwhpyzWqB8K1A%2F1qnAWP4yED%2FwFW0g%2BJZ4zkMfMmpR%2BUlXuGCtt5vL3%2BmligUQ4FwSFmJHgBQR7UOULYu4VnG5QHM8F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f3c7c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/
43 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
31229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10158
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fl23dIxDHpWKrxs1YaQnhbhSfgH170DU5R%2B9u1QFxX0HPJ8yKHRCHtAQcumYtHBkjGd7Ke%2F5QhUbkLWAPZnxFDOBAZtbcYWkTgzshOcg56%2FeUtL1UIyVKqRXlwBt0a8Qr37giPOj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f347c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
29413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
845
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvhBUOs1204ArUkh1J5vdF99ZXMwghW15zzGcCd3qIh93jItK2k87KjIN7ni%2BoWzIalzeE%2BQ1vg0QwQ2W8GSezJsdGCv9%2FjWKQpZckaOLrKaXuLwqmrblNeL8QR27Vs%2FnJsHGIeO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f367c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
30701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVGBJQzbSjvaH8BkMmFwA%2Bq7EFspHES3zrTfvSCVhcQHhuxHcvP6%2FOhfkr7kMbFoi3dTvp0ZveiNb7W72rphMg3SNiZ0%2B08A7qNR%2B84RjqkHAccV00r%2BEW9dj6XgLRFUhZZV1y5%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884894896f387c52-PMO
expires
Tue, 06 May 2025 04:21:18 GMT
norvow.png
norvowbeta.pages.dev/
21 KB
22 KB
Image
General
Full URL
https://norvowbeta.pages.dev/norvow.png
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f3724eb04a61427930ea040fe9de5552bd1a8cff18132efaac9a7c1c3d2da0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b474ff51bfb084ddaafe3b5c1098210c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxgszeMFAQNbIE4JfWM3rOcBy%2BcETfIvHJ9CVN%2BGb%2Fu0K0gDMjUIAy5KwfXPsZP01EHEJ5X0vbp%2BY23%2FI4Dfuw7HaZT5hFdKqcX%2FAKy3SxRo6HJ1BM7X9YlrvTAzJAKkxlvnJVUUGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
884894891e0a7945-PMO
alt-svc
h3=":443"; ma=86400
content-length
21545
youtube.png
norvowbeta.pages.dev/images/
6 KB
6 KB
Image
General
Full URL
https://norvowbeta.pages.dev/images/youtube.png
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:18 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1766c976b0c7cab64f6d726a8f44e106"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6ZZLyGcUPr5Q%2FqFHBjxqYlgp1GKsH5Ll260mnMbD1ATYAcG9dF6RrbdT1%2Bz8kwynYHq5OIx9ibq4bm7p5vJ1rqtfV06lboErMLwH3157dyZg%2Bzuo8n%2FzjwZI1lRnMkqnRLb0Oaexw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
884894891e0b7945-PMO
alt-svc
h3=":443"; ma=86400
tiktok.png
norvowbeta.pages.dev/images/
6 KB
6 KB
Image
General
Full URL
https://norvowbeta.pages.dev/images/tiktok.png
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1766c976b0c7cab64f6d726a8f44e106"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FtH%2BEdwPO2oew0LkLU0dI%2BMdrDCm9Uc7a4u9WB%2FMdkMqwDt2bmkzPrAxpSQpUeLpc6lb2YIsDomSG1Xn6uTfoMAWUoocX%2BJ3%2F9ZKJAGiSKQSOaulkixlYuCG7%2BU0L1DaD5qLrvphQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88489489ae627945-PMO
alt-svc
h3=":443"; ma=86400
instagram.png
norvowbeta.pages.dev/images/
6 KB
6 KB
Image
General
Full URL
https://norvowbeta.pages.dev/images/instagram.png
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1766c976b0c7cab64f6d726a8f44e106"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ANTiUt%2F6PxZdSdboF%2BHgibHNTKwjs684OAyMHPR9pFZbgO9Sga3DHwleNJrX6zNdzXn3HpJtDBcULMfQNtFbL%2Bnk3bTn8wTcGoojflvfGKwselpC5%2B1j9WRQEIuaYv4VEuZQS0QPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8848948a3ee87945-PMO
alt-svc
h3=":443"; ma=86400
script.js
norvowbeta.pages.dev/
2 KB
1 KB
Script
General
Full URL
https://norvowbeta.pages.dev/script.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e256dcc11cdf75ac5a9604fda5d212fcc500d28d21abae7bcb061ea245812487
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"968df9ab08da0e69c627944f74ddce08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApBFxDRr0r%2Fe3%2FyIaNwpHGzFOMkKBmlB%2FW8UWk9qfEIRbKXcTdrsNFvuKFCaxZACsXrfmCOhvAZubloRgtjiPVrD%2B4xSmhlE3kbTGqC%2F3x7%2BrRos0YO9HviPghMoeop0gR9jk%2Bx5Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8848948a3ee97945-PMO
alt-svc
h3=":443"; ma=86400
23907078.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/23907078.js
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc13277b306514ac1072b1a990b8faaaa87e885005bc61fb4791d1e3b982a5dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
dc18bf16-bf84-4e2e-aeca-7e3740c17c3e
x-envoy-upstream-service-time
50
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
dc18bf16-bf84-4e2e-aeca-7e3740c17c3e
last-modified
Thu, 16 May 2024 04:21:19 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://norvowbeta.pages.dev
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-jwsqc
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8848948b9fd67952-PMO
expires
Thu, 16 May 2024 04:22:49 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
426680e60f6491e7c81e7411967564b45a4e246ad65bcdfac6a45b514c63d626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 May 2024 04:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 May 2024 04:21:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 May 2024 04:21:19 GMT
banner.jpg
norvowbeta.pages.dev/
352 KB
352 KB
Image
General
Full URL
https://norvowbeta.pages.dev/banner.jpg
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cf6f98e2f8ce67ef32ed51239f7d881783479dc6f6de2c05c32a202a389beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/style.css
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f8ab5317ade8d261439c537a2ae15d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6D6IoMoDX5ZjCkqfbSjqR%2Fwg41goXNZ7NgDwyy2x%2FSRzsO1ZaJH4l4ThS8ePPUlA4ZfpqqhOD0H11LvhD2vNQSnytl1Sl7nnjSH9VvFQX2lbKm9cC8BuMoAx1%2B4%2Fn9VeiAgrBC1%2Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8848948b8fe87945-PMO
alt-svc
h3=":443"; ma=86400
content-length
360059
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:33:01 GMT
x-content-type-options
nosniff
age
136098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:33:01 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
107313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Sat, 06 Jan 2024 21:53:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bdc3-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YdENwidTXCqgoS%2BqN62%2BPZ3w2TsbMwCYL5tBFWKWDWdUiAgxmCBkDBXx%2B8UhQKMsVzC18qLwq3TTalE1qaBuAkBTPvKEXFltpaqkVvXLYi%2FJ2uv4ID7XkQ4m5h%2FGa2oZ2VbZx%2BE"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8848948bed4b794e-PMO
expires
Tue, 06 May 2025 04:21:19 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 13:46:44 GMT
x-content-type-options
nosniff
age
398075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 13:46:44 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 05:26:05 GMT
x-content-type-options
nosniff
age
428114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 05:26:05 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:54:10 GMT
x-content-type-options
nosniff
age
160029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:54:10 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:28:49 GMT
x-content-type-options
nosniff
age
136350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:28:49 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:11:00 GMT
x-content-type-options
nosniff
age
137419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:11:00 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13276
last-modified
Sat, 06 Jan 2024 21:53:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bdc0-33dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMoZTsOHYDoPXp7DDoLg7n5k38EIvhiv94BB0rGiksnIUEldy7N%2BbEDMxNTaAoZ5vgoow2a87POsB7KXj6Ba4Rjzx1pXDWEbsscnoVrKCAxu9w7DG8U%2Fm%2Bt2EEGij1uJ2aeE5xGn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8848948bed4a794e-PMO
expires
Tue, 06 May 2025 04:21:19 GMT
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Origin
https://norvowbeta.pages.dev
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
12c5eae1-1670-4646-b0e9-ee4820941586
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8848948da95f7945-MXP
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
12c5eae1-1670-4646-b0e9-ee4820941586
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-w988t
cf-ray
8848948da95f7945-PMO
x-amz-cf-id
k924Gt9q-q8yKJY3uqizqeOsnN3Hax-FC695tA2Q1tdzb1WhwCAdCQ==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
banner.js
js.hs-banner.com/v2/23907078/
71 KB
23 KB
Script
General
Full URL
https://js.hs-banner.com/v2/23907078/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708f6bbf5051155ec84497cc16e008b2c982d7d0bf848bb574b01d5330e91d84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
x-amz-version-id
5G4WhlXQjObZaqSQlU2tGdJyMkjZuuma
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
SEDV4HNK5VVJJNAR
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
9c89c508-5b5c-43ab-9a6e-b1c22e86e024
x-envoy-upstream-service-time
97
x-amz-id-2
9Fxp9pnDpoR7q8/mGAlvUan7QAec3IQ6rRbFpmM/lkiJDfKQ/kGzqwitXWn+hcPvsLJgDdzKat0=
x-evy-trace-listener
listener_https
x-request-id
9c89c508-5b5c-43ab-9a6e-b1c22e86e024
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 17:06:44 GMT
server
cloudflare
etag
W/"9a449fe1fb1b0222031b0c5e9d9b913c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://norvowbeta.pages.dev
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8848948daff774da-PMO
expires
Thu, 16 May 2024 04:26:19 GMT
conversations-embed.js
js.usemessages.com/
85 KB
25 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.78.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4e5aee792d9d75eadf8e4ca62c941c36a9f76034e40144712f8e59dc1b4bfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
x-amz-version-id
0_oQ0dHaEmmUrlEhSnL6xJfpilKXC1aR
via
1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8fe82e76-95d3-437e-9473-44ef747a7e70
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16323/bundles/project.js&cfRay=88438e232df5794b-MXP
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
age
272
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8fe82e76-95d3-437e-9473-44ef747a7e70
last-modified
Wed, 15 May 2024 13:32:59 UTC
server
cloudflare
etag
W/"e1ddddb0ae1cd0f753fd72cf7bc94bec"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
cf-ray
8848948daff874da-PMO
x-amz-cf-id
we8BgKcVCOe8i_GxXxm9FSwUiWHWbF3jTpSnoo_Y0oJ63EjbHH9Mtw==
x-hs-target-asset
conversations-embed/static-1.16323/bundles/project.js
23907078.js
js.hs-analytics.net/analytics/1715833200000/
67 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1715833200000/23907078.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e284fe98535ab58a6d463c42a03446975bc6a20cfef21b885ddd97c2fcf66bfe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:19 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
SEDJD03KXWGMT4K6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
211700e4-4070-43b9-b88c-1f11d1c45e5d
x-envoy-upstream-service-time
61
x-amz-id-2
vEyiyW0NpX+ndn3faO/mv7IKqKTSBa3lb+L06mAcwdYR33ozsv8fIRidwTB7j9fVQ/9rtrB1lfI=
x-evy-trace-listener
listener_https
x-request-id
211700e4-4070-43b9-b88c-1f11d1c45e5d
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 24 Apr 2024 18:57:08 GMT
server
cloudflare
etag
W/"d0b11ff64dca6b32057a9332042c245d"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8848948daf317c51-PMO
expires
Thu, 16 May 2024 04:26:19 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=23907078&conversations-embed=static-1.16323&mobile=false&messagesUtk=dc0a1127075f41d1ac526917c62a5f17&traceId=dc0a1127075f41d1ac526917c62a5f17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://norvowbeta.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://norvowbeta.pages.dev
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8848948f1a107952-PMO
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 16 May 2024 04:21:19 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzMjNjQRrspnFEpV4s0MqhXM%2BPLwKqgoIarH30Bpgv0DGzfLDZ5GC2DzkaUkU%2FIOQSIsNKNPI4jMuWokiAwuWt1Pm2Aikr7PtdXPbpx2JFe3CxJSUWKO7ZqXAVdV%2BzdSyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-rfxfq
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
3888c9f1-0cfd-4f8d-96bc-515eb2fc6016
x-request-id
3888c9f1-0cfd-4f8d-96bc-515eb2fc6016
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=23907078&conversations-embed=static-1.16323&mobile=false&messagesUtk=dc0a1127075f41d1ac526917c62a5f17&traceId=dc0a1127075f41d1ac526917c62a5f17
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de6890bdf8c861109d77d19cdba9bce781d5956b23f2ae3fce7138855ec24a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://norvowbeta.pages.dev/robots.txt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
aa42f057-08e6-4e70-887f-8cdd6b8139d5
x-envoy-upstream-service-time
146
content-length
1376
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
aa42f057-08e6-4e70-887f-8cdd6b8139d5
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://norvowbeta.pages.dev
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-4ldzq
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BBHYJpUYX7V2RuMRsfrTXPbt6GoLTBQWfcu6yViSR5BaIJJplqbKc0VbFNmWbqpJI1eSVcqxLu99ZR1hCSqil9NIZdN31yLI6SIzaeL1maxgSWevu3qwHDKleaafHmALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
884894904ada7952-PMO
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hscollectedforms.net/collected-forms/v1/config/
134 B
475 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23907078&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6accebeeda395f251f50618b0d6418ba2b9ac5f799b260dd63ab7bcd55d059e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
94c3d921-9bc5-4240-9a12-5a8d029fc734
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
94c3d921-9bc5-4240-9a12-5a8d029fc734
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://norvowbeta.pages.dev
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8848948f5aac7945-PMO
counters.gif
forms.hsforms.com/embed/v3/
35 B
884 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: norvowbeta.pages.dev
URL: https://norvowbeta.pages.dev/robots.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
23916c9e-2fa2-4683-bf35-365cd1222950
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
23916c9e-2fa2-4683-bf35-365cd1222950
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rxkvm
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
88489490db157952-PMO
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2999608170&v=1.1&a=23907078&pu=https%3A%2F%2Fnorvowbeta.pages.dev%2Frobots.txt&t=Norvow+Mobile&cts=1715833280306&vi=fcc300153ee92a571c1a4372f98318bf&nc=true&u=60008626.fcc300153ee92a571c1a4372f98318bf.1715833280304.1715833280304.1715833280304.1&b=60008626.1.1715833280304&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
839adf68-f15d-4705-a8f5-386cbd9a3177
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
839adf68-f15d-4705-a8f5-386cbd9a3177
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L56SivqSJ%2B%2B1ijh6cfFkw85%2FVI5A9tbfLhyZPH5Xh2eyjHKmQoobhIYUDOIYoXY5rOJC57cN1jOBYVBZiZhHt0Jzkt3a3Tcg%2FOT6csKIujWWc1cj7LUvNrFghlsh%2FIjHEtHB"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9kkj8
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
88489492bd1074d8-PMO
x-robots-tag
none
favicon.ico
norvowbeta.pages.dev/
6 KB
2 KB
Other
General
Full URL
https://norvowbeta.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c483156e4f25ebbbb9fa8d08bfca81225e4ef309d27958d13f107d310ab7c365
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://norvowbeta.pages.dev/robots.txt
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:21:20 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1766c976b0c7cab64f6d726a8f44e106"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BrjcLR0rSl%2FYmae976Ys5d%2FqGOq5BCiSOkX3X59x%2BpKvGXdTcHeLmF2Gg%2Fmuam3LsV%2BuZ3JcjOjW8k102iQiXaqCzNxpeuHNb6mFTZy0nuUizOVqXxC53%2B1dPn81lYgMxx1AcnfzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
884894921c4c7945-PMO
alt-svc
h3=":443"; ma=86400
dc0a1127075f41d1ac526917c62a5f17
app.hubspot.com/conversations-visitor/23907078/threads/utk/ Frame D564
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/23907078/threads/utk/dc0a1127075f41d1ac526917c62a5f17?uuid=03f0bdd088604b5982c49149bcb17009&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=norvowbeta.pages.dev&inApp53=false&messagesUtk=dc0a1127075f41d1ac526917c62a5f17&url=https%3A%2F%2Fnorvowbeta.pages.dev%2Frobots.txt&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://norvowbeta.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
false
age
1025
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
884894930d057945-PMO
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18776/html/index.html&cfRay=884894930d057945&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F23907078%2Fthreads%2Futk%2Fdc0a1127075f41d1ac526917c62a5f17%3Fuuid%3D03f0bdd088604b5982c49149bcb17009%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dnorvowbeta.pages.dev%26inApp53%3Dfalse%26messagesUtk%3Ddc0a1127075f41d1ac526917c62a5f17%26url%3Dhttps%253A%252F%252Fnorvowbeta.pages.dev%252Frobots.txt%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fnorvowbeta.pages.dev%2F&cfenv=prod&pdt=2024-05-16&csp=ro
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 04:21:20 GMT
etag
W/"2d007de43a408a8c79f18a22abd1571c"
last-modified
Wed, 15 May 2024 13:32:59 UTC
origin-trial
Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=884894930d057945&resource=conversations-visitor-ui/static-1.18776/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-id
5CpY2PQ055SvTLjgb0lLb-udOF3wMuUbqMEJ9Egu2MH0y_6OVRvsaQ==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
fVpCfD2thNkF1yKLFUunxqarj98qwNN5
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
9
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.18776/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
a0b0eca3-f7ab-4b58-aa96-c5d58b9cf1b2
x-request-id
a0b0eca3-f7ab-4b58-aa96-c5d58b9cf1b2

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| Typed function| Waypoint object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

9 Cookies

Domain/Path Name / Value
.hsforms.com/ Name: __cf_bm
Value: 5zRGLfW0DQlBm.Ue_haNoGxOVUSPsmhgp8UsPf96KLs-1715833280-1.0.1.1-q2M8pfLmy8r7BKhZxZajZ2cgsAKns2HHUJmYheBac0hee.GYR4nnQMXB2jpKCEqLwsARcKvGlg1mOu.oGB0Ing
.hsforms.com/ Name: _cfuvid
Value: la1N8CLDryeW5WtkZyKJ139jZN_FJr5ko_VlF3Pt8qM-1715833280277-0.0.1.1-604800000
norvowbeta.pages.dev/ Name: __hstc
Value: 60008626.fcc300153ee92a571c1a4372f98318bf.1715833280304.1715833280304.1715833280304.1
norvowbeta.pages.dev/ Name: hubspotutk
Value: fcc300153ee92a571c1a4372f98318bf
norvowbeta.pages.dev/ Name: __hssrc
Value: 1
norvowbeta.pages.dev/ Name: __hssc
Value: 60008626.1.1715833280304
.norvowbeta.pages.dev/ Name: messagesUtk
Value: dc0a1127075f41d1ac526917c62a5f17
.hubspot.com/ Name: __cf_bm
Value: wtTk4wGhx_n4TvIwDC5xZOLJU9ZHWAVxq3XIfc.XK3M-1715833281-1.0.1.1-D5hhZXtrwy5ZayK7J9PfQglqcqD7UvUVtFaMCkyyhfD3P9VYgiJ26MPcP_S2t5ecJ.Vak3b36XG1oXF5vVZ0cw
.hubspot.com/ Name: _cfuvid
Value: g_gcpnF74IjbFI6RQgVkDSzX3X24IX3wJmwgw13TMXw-1715833281716-0.0.1.1-604800000

14 Console Messages

Source Level URL
Text
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://norvowbeta.pages.dev/robots.txt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.usemessages.com
norvowbeta.pages.dev
track.hubspot.com
104.16.111.254
104.16.117.116
104.16.118.116
104.16.139.209
104.16.160.168
104.16.78.142
104.17.25.14
104.18.80.204
142.250.185.138
151.101.130.137
172.64.153.27
172.66.45.36
216.58.206.67
2de6890bdf8c861109d77d19cdba9bce781d5956b23f2ae3fce7138855ec24a6
426680e60f6491e7c81e7411967564b45a4e246ad65bcdfac6a45b514c63d626
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
6accebeeda395f251f50618b0d6418ba2b9ac5f799b260dd63ab7bcd55d059e6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4e5aee792d9d75eadf8e4ca62c941c36a9f76034e40144712f8e59dc1b4bfd
708f6bbf5051155ec84497cc16e008b2c982d7d0bf848bb574b01d5330e91d84
77f3724eb04a61427930ea040fe9de5552bd1a8cff18132efaac9a7c1c3d2da0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
c483156e4f25ebbbb9fa8d08bfca81225e4ef309d27958d13f107d310ab7c365
c4b8b8010aafc7b57ce17deb44ca6fb943a4b70debdb114b763b82cb763cd7a4
cc13277b306514ac1072b1a990b8faaaa87e885005bc61fb4791d1e3b982a5dc
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e256dcc11cdf75ac5a9604fda5d212fcc500d28d21abae7bcb061ea245812487
e284fe98535ab58a6d463c42a03446975bc6a20cfef21b885ddd97c2fcf66bfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8cf6f98e2f8ce67ef32ed51239f7d881783479dc6f6de2c05c32a202a389beb
fa2cdc1f6dea82d7be6a219947193adc1c46532a10ac04195681f6cca53dbac3