support.norselabs.io Open in urlscan Pro
216.198.18.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://support.norselabs.io/
Effective URL:
https://support.norselabs.io/hc/en-us
Submission: On June 26 via automatic, source certstream-suspicious (June 26th 2024, 4:06:01 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 216.198.18.62, located in United States and belongs to AMAZON-02, US. The main domain is support.norselabs.io.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 22nd 2023. Valid for: a year.

This is the only time support.norselabs.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	216.198.18.62 216.198.18.62	16509 (AMAZON-02) (AMAZON-02)
4	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.153.8 172.67.153.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.198.18.60 216.198.18.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
14	6

7 216.198.18.62 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

support.norselabs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.153.8 (United States)

ASN13335 (CLOUDFLARENET, US)

norselabs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.18.60 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

norselabs.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	norselabs.io 2 redirects support.norselabs.io norselabs.io	98 KB
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2404	245 KB
1	gstatic.com fonts.gstatic.com	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	887 B
1	zendesk.com 1 redirects norselabs.zendesk.com	620 B
14	5

	Domain	Requested by
7	support.norselabs.io	2 redirects support.norselabs.io static.zdassets.com
4	static.zdassets.com	support.norselabs.io
2	norselabs.io	support.norselabs.io
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	support.norselabs.io
1	norselabs.zendesk.com	1 redirects
14	6

This site contains no links.

Subject Issuer	Validity	Valid
*.zendesk.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-08-21`	a year	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
norselabs.io E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://support.norselabs.io/hc/en-us
Frame ID: 733685E08D8AA9285E12B606FBD96BA0
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NORSE Labs

Page URL History Show full URLs

https://support.norselabs.io/ HTTP 302
https://support.norselabs.io/hc HTTP 301
https://support.norselabs.io/hc/en-us Page URL

Detected technologies

Zendesk (CMS) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

14
Requests

50 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

365 kB
Transfer

1250 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://support.norselabs.io/ HTTP 302
https://support.norselabs.io/hc HTTP 301
https://support.norselabs.io/hc/en-us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://norselabs.zendesk.com/auth/v2/host/without_iframe.js HTTP 302
https://static.zdassets.com/auth/89db87fa5856fd9ca1254fa82921aa9d71d02833/v2/host-without-iframe.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request en-us Show response
support.norselabs.io/hc/
Redirect Chain

https://support.norselabs.io/
https://support.norselabs.io/hc
https://support.norselabs.io/hc/en-us

10 KB
4 KB

142ms
142ms

Document
text/html

216.198.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support.norselabs.io/hc/en-us

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.198.18.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

9323982f9201489965a5b9043c5e21671c266875e319771e1dea598d2cbe957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Jun 2024 16:05:54 GMT
Protocol: HTTP/1.1 always
Server: openresty
Transfer-Encoding: chunked
cache-control: max-age=0, public
cache-tag: resource:help_center#index, pod:pod28
cloudflare-cdn-cache-control: public, stale-while-revalidate=60, stale-if-error=10800, max-age=180
content-language: en-us
etag: W/"ff05abd7a1032aed7b5d9b889ba5243b"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-runtime: 0.093678
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: app-server-785d866b55-hs5f8
x-zendesk-processed-host-header: support.norselabs.io

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Jun 2024 16:05:54 GMT
Protocol: HTTP/1.1 always
Server: openresty
Transfer-Encoding: chunked
cache-control: max-age=0, public
cache-tag: resource:help_center#index, pod:pod28, locale-redirect
cloudflare-cdn-cache-control: public, stale-while-revalidate=60, stale-if-error=10800, max-age=180
content-language: en-us
location: https://support.norselabs.io/hc/en-us
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-runtime: 0.038085
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: app-server-785d866b55-k7j9f
x-zendesk-processed-host-header: support.norselabs.io

GET
H2 200 application-a42a464885a505c24ac3b0ab35047489.css
static.zdassets.com/hc/assets/ 55 KB
10 KB 210ms
85ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-a42a464885a505c24ac3b0ab35047489.css

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2d68818246f93903142003b5d0dcf14c8536960078accd08f1d5813c61a485

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
x-amz-version-id: Jm6bpbzCyZBWEX5rCECLgE.G9YmLzcCg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1C8YN4V31R0NZZB8
age: 148231
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nzoQTqVYWo4SdeXd08MJ8RqL9t21wIynzJo/vYD7ZjnD9MvPjOE5lK/4RaemG342dlrorTyh0Jg=
last-modified: Thu, 30 May 2024 07:49:10 GMT
server: cloudflare
etag: W/"5191d4ea06bcc144e6774b0fe859528e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocLCF3QTQjtmBOHg4aKWVbVfGESMondGf%2FUs6P766VF5EFn%2FNQLwdlvw1XDlq9MBj1tYin3PTpbWoIi0h1FnKuuhobZbc15gU%2BP1NRnwL3hQk5BTKWToQJfDnhX%2FUo1HKndHQ0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=604800
access-control-max-age: 0
cf-ray: 899e710b9914c3ef-WAW
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
support.norselabs.io/hc/theming_assets/21342675/14651260746140/ 95 KB
15 KB 128ms
127ms Stylesheet
text/css 216.198.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support.norselabs.io/hc/theming_assets/21342675/14651260746140/style.css?digest=14652785361180

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.198.18.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

58870489800526b58110c5430160c0a9b69e47dd4bc1a687aaedba5e4908a125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/hc/en-us
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.036798
Date: Wed, 26 Jun 2024 16:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
Content-Encoding: br
Server: openresty
etag: W/"58870489800526b58110c5430160c0a9"
Transfer-Encoding: chunked
cache-tag: resource:theming_assets#show_css, pod:pod28
Content-Type: text/css; charset=utf-8
x-zendesk-origin-server: app-server-785d866b55-c4wxb
cache-control: max-age=604800, public
Connection: keep-alive
x-zendesk-processed-host-header: support.norselabs.io
Protocol: HTTP/1.1 always
x-ua-compatible: IE=edge

GET
H3 200 logo.svg
norselabs.io/assets/images/ 4 KB
2 KB 314ms
152ms Image
image/svg+xml 172.67.153.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norselabs.io/assets/images/logo.svg
Requested by: Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d715a0012c0389b9ccc8661fb7913d222496535fd825ed3d93784c390c770e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 20 Jun 2024 23:38:59 GMT
server: cloudflare
etag: W/"6674bd93-11cf"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719417955&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=lKx1LonY%2F1KYhNfTOe5NL1ri3mc8oehSlW6rUY2Q8Kg%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 899e710bdf874db4-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719417955&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=lKx1LonY%2F1KYhNfTOe5NL1ri3mc8oehSlW6rUY2Q8Kg%3D

GET
H2 200 en-us.71c5d96c35a64d552c34.js Show response
static.zdassets.com/hc/assets/ 213 KB
39 KB 202ms
78ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.71c5d96c35a64d552c34.js

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

508c7af38cec34b2d1362b99deba1386e5d6f9523cf0c10a18c2b95126c3669b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
x-amz-version-id: Sk.cU2cv2JXHMK9PM9h6_FFc5qd92675
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CDV9SNTCKH0PBE08
age: 158197
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 7Beo12oxpxozYPv878H7AaxM5pzdza8FgkwB4KFUBzP/KbiFw+5OxnpAqx1pJHahJ+h39DKNsqg=
last-modified: Mon, 10 Jun 2024 14:04:12 GMT
server: cloudflare
etag: W/"71c5d96c35a64d552c34308b9395d3ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXxgDkfsGJeR0QykhXNnfPoOT%2FOtIyraHpEyvUhlvmYD10e17Emk7bU%2Bk8Z8vIJ1huOaIs43jHik%2F1L%2B0Tbs8XvmqhZ8LPN1Arocz1UQljfNCLaCpNF3lnJf%2BJYQRXbr%2B7iRchs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=604800
access-control-max-age: 0
cf-ray: 899e710b9916c3ef-WAW
access-control-allow-headers: *

GET
H2

200

host-without-iframe.js Show response
static.zdassets.com/auth/89db87fa5856fd9ca1254fa82921aa9d71d02833/v2/
Redirect Chain

https://norselabs.zendesk.com/auth/v2/host/without_iframe.js
https://static.zdassets.com/auth/89db87fa5856fd9ca1254fa82921aa9d71d02833/v2/host-without-iframe.js

4 KB
2 KB

63ms
63ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/89db87fa5856fd9ca1254fa82921aa9d71d02833/v2/host-without-iframe.js

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815cb9a439421a1e917858677ddbe8896d1e3d020675f744d28c1044d310c5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://support.norselabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
x-amz-version-id: UcurJa9gO4qNax1nRVE.Kte3rytLBcpK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DFGNW55C3YYTKC8M
age: 3662
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: E++qQ1i2lKBUvPkoNabWBBsFZThYAh3iC1O7P5k1vOHhmHWhQjBK/9VQA0/gDuyVZy+wD5WI8ZA=
last-modified: Fri, 31 May 2024 16:46:34 GMT
server: cloudflare
etag: W/"5b4108839314bd0071242d1680beebf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHgbGLOJlW%2BUnQFlw4Wq%2B9CjvGi7qNgZ1wl%2BiaIvE3sIUhKHkuCtkI7LE9ODJpjcdylGuzVGXR%2FWbYx2dGOOpQ5vKwSywBRKPNyEqEILGpBBM7As7mpfuvV%2FDJoJjp0LjEcE%2FK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 0
cf-ray: 899e710d3badc3ef-WAW
access-control-allow-headers: *

Redirect headers

x-runtime: 0.046661
Date: Wed, 26 Jun 2024 16:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
Server: openresty
X-Zendesk-Zorg: yes
vary: Accept
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Content-Type: text/html; charset=utf-8
location: https://static.zdassets.com/auth/89db87fa5856fd9ca1254fa82921aa9d71d02833/v2/host-without-iframe.js
cache-control: max-age=86400, public
x-zendesk-origin-server: classic-app-server-577d9b8dc4-2rqcc
Connection: keep-alive
Content-Length: 165
x-xss-protection: 1; mode=block
X-Request-ID: beeacfd493ae5274c54b5b9b951e7e12

GET
H2 200 hc_enduser-b87934abd9b57d19cfd0e8ebe5f1c50e.js Show response
static.zdassets.com/hc/assets/ 602 KB
195 KB 76ms
76ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-b87934abd9b57d19cfd0e8ebe5f1c50e.js

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2fb68048e2da951328f6d36750b99af6841714f88642012b3a8f7cb8ffff8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
x-amz-version-id: jdBsttEwLKeAZKaFwyjWBGXiKzjYp8BC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: BNZYCHF37S12K9FP
age: 181998
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fwxwJWcuDq7yajTBXcosaK3o050uGuoVArNK3FKvDGq8Bas40MH4f59IxlUyoNRWlkiQ/kebeB4=
last-modified: Mon, 17 Jun 2024 13:30:00 GMT
server: cloudflare
etag: W/"eb6b5b65c2dde9b50168d618e72d65f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7q5wgzP0LQUKSOKdGshdD9AO1oO4TKcSl70%2FYbJBBUHakHRV7SxWrFd6snrro99ujBhxk9KQC3r72IkpsL8MpNYN5Uea21fubi0eaoVbvo2a%2BFprp%2BfabRv%2BR8wPX3DjnREFpqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=604800
access-control-max-age: 0
cf-ray: 899e710c8aafc3ef-WAW
access-control-allow-headers: *

GET
H/1.1 200
OK script.js Show response
support.norselabs.io/hc/theming_assets/21342675/14651260746140/ 19 KB
5 KB 76ms
76ms Script
text/javascript 216.198.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support.norselabs.io/hc/theming_assets/21342675/14651260746140/script.js?digest=14652785361180

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.198.18.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

cb699e99d473eed2b3e38b9cc9524ffba9b24e5749bdd36c3067d2d545913a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/hc/en-us
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 16:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
cache-tag: resource:theming_assets#show_javascript, pod:pod28
x-zendesk-origin-server: app-server-785d866b55-hs5f8
Connection: keep-alive
Protocol: HTTP/1.1 always
x-ua-compatible: IE=edge
x-runtime: 0.024949
Server: openresty
etag: W/"cb699e99d473eed2b3e38b9cc9524ffb"
vary: Accept
Content-Type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: support.norselabs.io

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
887 B 148ms
52ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300..700&display=swap

Requested by

Host: support.norselabs.io
URL: https://support.norselabs.io/hc/theming_assets/21342675/14651260746140/style.css?digest=14652785361180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

842496f80d083fac62d7881ba5924126ca356094f8c94beebbe23cec766b398f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jun 2024 16:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 15:58:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jun 2024 16:05:55 GMT

GET
H3 200 background.svg
norselabs.io/assets/images/ 213 KB
59 KB 258ms
257ms Image
image/svg+xml 172.67.153.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norselabs.io/assets/images/background.svg
Requested by: Host: support.norselabs.io
URL: https://support.norselabs.io/hc/theming_assets/21342675/14651260746140/style.css?digest=14652785361180
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30de5b4339709d2a07c60666e847cd77e5d611e359ae0e2077d77ea9410c5b76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:05:55 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 20 Jun 2024 23:38:59 GMT
server: cloudflare
etag: W/"6674bd93-355c0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719417955&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=lKx1LonY%2F1KYhNfTOe5NL1ri3mc8oehSlW6rUY2Q8Kg%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 899e710c98744db4-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719417955&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=lKx1LonY%2F1KYhNfTOe5NL1ri3mc8oehSlW6rUY2Q8Kg%3D

GET
H2 200 V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/ 22 KB
22 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300..700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://support.norselabs.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 16:12:24 GMT
x-content-type-options: nosniff
age: 345211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 16:12:24 GMT

POST
H/1.1 200
OK activity
support.norselabs.io/hc/ 0
0 47ms
47ms Fetch
text/html 216.198.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support.norselabs.io/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b87934abd9b57d19cfd0e8ebe5f1c50e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.198.18.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://support.norselabs.io/hc/en-us
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.001962
Date: Wed, 26 Jun 2024 16:05:55 GMT
Content-Encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
Server: openresty
x-permitted-cross-domain-policies: none
x-download-options: noopen
Transfer-Encoding: chunked
x-frame-options: SAMEORIGIN
Content-Type: text/html
X-Zendesk-Zorg: yes
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Request-ID: e64164feb8aaab5eb3bb274bf9c62be3

GET
BLOB 200
OK e8fd568b-079a-467f-af91-b5a2b122d811
https://support.norselabs.io/ 819 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://support.norselabs.io/e8fd568b-079a-467f-af91-b5a2b122d811
Requested by: Host: support.norselabs.io
URL: https://support.norselabs.io/hc/en-us
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 819
Content-Type

GET
H/1.1 200
OK 01J1AMETV6H1MPT679VXAAQAV8
support.norselabs.io/hc/theming_assets/ 10 KB
11 KB 110ms
110ms Other
image/png 216.198.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support.norselabs.io/hc/theming_assets/01J1AMETV6H1MPT679VXAAQAV8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.198.18.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

8542e3429f974c51584c1e4810591de246a9ce98d9ee6941c926a29cd2726bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://support.norselabs.io/hc/en-us
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 16:05:55 GMT
x-amz-version-id: GNZLg7qYNQfV8axkEViaFqWDVT29CMcs
X-Content-Type-Options: nosniff
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="4d9399e7470e71ea045d07cec79d3094e6e02451.png"
Connection: keep-alive
Content-Length: 10620
Last-Modified: Wed, 26 Jun 2024 16:01:03 GMT
Server: openresty
ETag: "f6e1199ffb1e7e14821a056e8ee582d7"
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: max-age=259200, public
Accept-Ranges: bytes
X-Robots-Tag: none, noarchive

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			support.norselabs.io/	1969-12-31 23:59:59	Name: _help_center_session Value: S0ZYMGFMS3RlZzlqTlRDRWVCd2FtTG5lTitLSWxNQnFXYWxSU3BGWm9xc0wzL053a2F4L09EbTE0WlZWdGVDOTA1bTZQeEhMUTd0NVZCcmpMV0VoSkE9PS0tT2Qyb215YVhJdytkakZuTEtydHZoQT09--492147a332416576fae4458453d9cdc988b3b271

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
norselabs.io
norselabs.zendesk.com
static.zdassets.com
support.norselabs.io
104.18.72.113
172.67.153.8
216.198.18.60
216.198.18.62
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
30de5b4339709d2a07c60666e847cd77e5d611e359ae0e2077d77ea9410c5b76
508c7af38cec34b2d1362b99deba1386e5d6f9523cf0c10a18c2b95126c3669b
58870489800526b58110c5430160c0a9b69e47dd4bc1a687aaedba5e4908a125
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
815cb9a439421a1e917858677ddbe8896d1e3d020675f744d28c1044d310c5a5
842496f80d083fac62d7881ba5924126ca356094f8c94beebbe23cec766b398f
8542e3429f974c51584c1e4810591de246a9ce98d9ee6941c926a29cd2726bd1
9323982f9201489965a5b9043c5e21671c266875e319771e1dea598d2cbe957c
a2fb68048e2da951328f6d36750b99af6841714f88642012b3a8f7cb8ffff8dc
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f
b5d715a0012c0389b9ccc8661fb7913d222496535fd825ed3d93784c390c770e
ba2d68818246f93903142003b5d0dcf14c8536960078accd08f1d5813c61a485
cb699e99d473eed2b3e38b9cc9524ffba9b24e5749bdd36c3067d2d545913a39

support.norselabs.io Open in urlscan Pro 216.198.18.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

50 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

365 kBTransfer

1250 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

support.norselabs.io Open in urlscan Pro
216.198.18.62 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

50 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

365 kB
Transfer

1250 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions