URL: https://help.norori.media/
Submission: On May 27 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 34.117.157.228, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is help.norori.media.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time help.norori.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS (Autonomous System)
6 34.117.157.228 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2400:52e0:1e0... 200325 (BUNNYCDN)
4 34.149.136.106 15169 (GOOGLE)
Total: 27 requests across 7 IPs
Requests Apex Domain / Subdomains / Transfer
10 getgist.com
widget.getgist.com — Cisco Umbrella Rank: 197616
web-api.getgist.com Failed
cdn.getgist.com — Cisco Umbrella Rank: 195868
data.getgist.com — Cisco Umbrella Rank: 252050
events.getgist.com — Cisco Umbrella Rank: 247290
243 KB
8 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1866
ka-p.fontawesome.com — Cisco Umbrella Rank: 3346
165 KB
6 norori.media
help.norori.media
142 KB
2 b-cdn.net
gist-widget.b-cdn.net — Cisco Umbrella Rank: 291966
293 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
31 KB
Total: 27 requests across 5 apex domains
Requests Domain Requested by
6 ka-p.fontawesome.com kit.fontawesome.com
6 help.norori.media help.norori.media
5 cdn.getgist.com widget.getgist.com
gist-widget.b-cdn.net
2 events.getgist.com widget.getgist.com
2 data.getgist.com widget.getgist.com
2 gist-widget.b-cdn.net help.norori.media
widget.getgist.com
2 kit.fontawesome.com help.norori.media
kit.fontawesome.com
1 widget.getgist.com 1 redirects
1 ajax.googleapis.com help.norori.media
0 web-api.getgist.com Failed help.norori.media
Total: 27 requests across 10 subdomains

This site contains links to these domains.

Domain
getgist.com
Subject | Issuer | Validity | Valid | Source
support.streamlineduniversity.com | R3 | 2024-05-27 - 2024-08-25 | 3 months | crt.sh
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months | crt.sh
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year | crt.sh
cdn.getgist.com | R3 | 2024-05-06 - 2024-08-04 | 3 months | crt.sh
*.getgist.com | R3 | 2024-03-11 - 2024-06-09 | 3 months | crt.sh
*.b-cdn.net | Sectigo RSA Domain Validation Secure Server CA | 2023-11-05 - 2024-11-11 | a year | crt.sh

This page contains 3 frames:

Primary Page: https://help.norori.media/
Frame ID: 216E539C9EA696D87980BF032A811D4C
Requests: 22 HTTP requests in this frame

Frame: https://gist-widget.b-cdn.net/messenger/bundle-f193bffbfabfd39933e9.min.js
Frame ID: 929798A33806F96E649995B3F635D4AE
Requests: 4 HTTP requests in this frame

Frame: https://cdn.getgist.com/projects/3434/logo-header-M.png?1600846268
Frame ID: 953352ABB4E821388C0C43CF8AE356DC
Requests: 1 HTTP requests in this frame


Page Title

Help Center

Detected technologies

Font Awesome
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

jQuery
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27 Requests
93 % HTTPS
67 % IPv6
5 Domains
10 Subdomains
7 IPs
2 Countries
931 kB Transfer
2643 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://widget.getgist.com/ HTTP 301
  • https://gist-widget.b-cdn.net/gist-2e7f852a33.min.js
Request Chain 12
  • https://assets.getgist.com/ HTTP 302
  • https://web-api.getgist.com/users/sign_in

27 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request /
help.norori.media/
8 KB
8 KB
Document
General
Full URL
https://help.norori.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.17 / Phusion Passenger(R) 6.0.17
Resource Hash
29e018145a616bdb43c273c3da3a9f98fadff8253a1409b9ec0ac10ad0911ce8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
content-type
text/html
date
Mon, 27 May 2024 08:43:40 GMT
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.17
status
200 OK
via
1.1 google
x-powered-by
Phusion Passenger(R) 6.0.17
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 17:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 17:27:18 GMT
style.css
help.norori.media/themes/theme_1/
109 KB
110 KB
Stylesheet
General
Full URL
https://help.norori.media/themes/theme_1/style.css
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4143db980eb823b8989206e763667ffa5c3784e637e2923ae4644e51ae3787e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
via
1.1 google
last-modified
Thu, 23 May 2024 08:18:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"664efbe6-1b5ce"
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112078
application-55a7ec39b5a271285ee60a9a33e399ac78caa7a4c2d8828f1ddf29298dbcbd3f.js
help.norori.media/assets/
14 KB
14 KB
Script
General
Full URL
https://help.norori.media/assets/application-55a7ec39b5a271285ee60a9a33e399ac78caa7a4c2d8828f1ddf29298dbcbd3f.js
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
55a7ec39b5a271285ee60a9a33e399ac78caa7a4c2d8828f1ddf29298dbcbd3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
via
1.1 google
last-modified
Thu, 23 May 2024 08:18:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"664efbe6-374f"
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14159
script.js
help.norori.media/themes/theme_1/
3 KB
4 KB
Script
General
Full URL
https://help.norori.media/themes/theme_1/script.js
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fa6b57c32034c944d110751fc93e4c8249b07c8362be40003e5e1bd0914ce45b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
via
1.1 google
last-modified
Thu, 23 May 2024 08:18:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"664efbe6-dfa"
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3578
331cee397a.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/331cee397a.js
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6087959da3949c820899f0adf134e094db8d5d4c965de700e579d35be8102d9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Origin
https://help.norori.media
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
88a4b7f79d985d6f-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F9NL-hmicz0gohQISf9h
logo-icon.png
help.norori.media/img/
6 KB
6 KB
Image
General
Full URL
https://help.norori.media/img/logo-icon.png
Requested by
Host: help.norori.media
URL: https://help.norori.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
038e8922a63d3fe642316aaed6091ab02bd881939b7c94778be6ed0b5831877e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
via
1.1 google
last-modified
Thu, 23 May 2024 08:18:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"664efbe6-19a0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6560
pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
672 KB
118 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=331cee397a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/331cee397a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:26 GMT
server
cloudflare
etag
"660c23a2-1d791"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7faa9ab5d6f-FRA
content-length
120721
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
27 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=331cee397a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/331cee397a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7faa9ac5d6f-FRA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
50 KB
7 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=331cee397a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/331cee397a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-1c3b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7faa9a75d6f-FRA
content-length
7227
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
7 KB
2 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=331cee397a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/331cee397a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-6ca"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7faa9a95d6f-FRA
content-length
1738
kit-upload.css
kit.fontawesome.com/331cee397a/58172985/
0
130 B
Fetch
General
Full URL
https://kit.fontawesome.com/331cee397a/58172985/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/331cee397a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
cf-cache-status
MISS
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
88a4b7fa99895d6f-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
0
x-request-id
F9NL-iMD7Pgk4yIHLQaB
gist-2e7f852a33.min.js
gist-widget.b-cdn.net/
Redirect Chain
  • https://widget.getgist.com/
  • https://gist-widget.b-cdn.net/gist-2e7f852a33.min.js
188 KB
43 KB
Script
General
Full URL
https://gist-widget.b-cdn.net/gist-2e7f852a33.min.js
Requested by
Host: help.norori.media
URL: https://help.norori.media/en/
Protocol
H2
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
9ad446e4f2ed82e9de4b99852689fdc883853b1a5a92c0b99a21caad1bfcc67c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://help.norori.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 27 May 2024 08:43:40 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
05/21/2024 04:26:18
cdn-pullzone
1448292
last-modified
Tue, 21 May 2024 03:27:18 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
658
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"664c1496-2ee5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
max-age=25600000
cdn-requestid
6d8c0cae2dad3bb37529efd4d4392190
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Mon, 27 May 2024 08:43:40 GMT
server
BunnyCDN-DE1-1081
content-type
text/html
location
https://gist-widget.b-cdn.net/gist-2e7f852a33.min.js
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
no-cache
cdn-pullzone
1448292
cdn-requestid
47b200155ac684dbfaac7ba6eeeeda18
cdn-requestcountrycode
DE
content-length
162
sign_in
web-api.getgist.com/users/
Redirect Chain
  • https://assets.getgist.com/
  • https://web-api.getgist.com/users/sign_in
0
0

truncated
/
31 KB
31 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbe221ebad232b77875137e9276a12c9de22836940cc179d793058801edfed27

Request headers

Referer
Origin
https://help.norori.media
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
28 KB
28 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03438676276cac93c1c2d034091c4b3ff7eb802df16a09cbd28e4414e1e97204

Request headers

Referer
Origin
https://help.norori.media
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
project_ug2vsgqf.txt
cdn.getgist.com/widget/settings/
7 KB
3 KB
XHR
General
Full URL
https://cdn.getgist.com/widget/settings/project_ug2vsgqf.txt
Requested by
Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e940e0299bd0f3fe99b4ba858148ec604398626bec67ed2fe17a0a065d5ee9ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
6CWPK5AF9Z35SDHW
x-amz-server-side-encryption
AES256
cdn-cachedat
05/27/2024 08:43:41
cdn-pullzone
1321525
x-amz-id-2
3UHcBfBU7ChXs12qr7pkBZm3Al6KwNuATb+A9aGaQ9aPEnSPZCHr8IO5eEuZa91djNwVC7iGvR4=
last-modified
Sat, 25 May 2024 16:42:05 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"e35eb9ec8a37f06a65b206e666c85a67"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
d8dcdd23be7851e45bcba2bfc4cadad9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
favicon.ico
help.norori.media/
0
14 B
Other
General
Full URL
https://help.norori.media/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.157.228 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.157.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/en/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
via
1.1 google
last-modified
Thu, 23 May 2024 08:18:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"664efbe6-0"
content-type
image/x-icon
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
contact_data
data.getgist.com/ Frame
0
0
Preflight
General
Full URL
https://data.getgist.com/contact_data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.136.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.136.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://help.norori.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://help.norori.media
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain
date
Mon, 27 May 2024 08:43:41 GMT
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.10
status
200 OK
via
1.1 google
x-powered-by
Phusion Passenger(R) 6.0.10
contact_data
data.getgist.com/
1 KB
983 B
XHR
General
Full URL
https://data.getgist.com/contact_data
Requested by
Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.136.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.136.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10
Resource Hash
96d4a213d69683c456f3f244e896c59807616b583e709300e910a707a92a07e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
x-powered-by
Phusion Passenger(R) 6.0.10
status
200 OK
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-request-id
a9a6dd9d-2acc-40aa-ac20-29e195d1533b
x-runtime
0.129026
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.10
etag
W/"96d4a213d69683c456f3f244e896c598"
vary
Origin
access-control-max-age
1728000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://help.norori.media
access-control-allow-methods
POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
bundle-f193bffbfabfd39933e9.min.js
gist-widget.b-cdn.net/messenger/ Frame 9297
1 MB
250 KB
Script
General
Full URL
https://gist-widget.b-cdn.net/messenger/bundle-f193bffbfabfd39933e9.min.js
Requested by
Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
d887054820369e92ef07d1b4a0bc7fa2411d94aa7b09340187044927afe1306d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-680
cdn-cachedat
05/15/2024 03:38:28
cdn-pullzone
1448292
last-modified
Wed, 15 May 2024 03:37:59 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
756
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66442e17-119f0f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
max-age=25600000
cdn-requestid
02a361f4819481a7935f57f138b83577
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
newMessage.mp3
cdn.getgist.com/audios/ Frame 9297
13 KB
14 KB
Media
General
Full URL
https://cdn.getgist.com/audios/newMessage.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
d87d54e6340484357925b04c989ee12820ffd1e47f3e558d98da24f8a9a471ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cdn-edgestorageid
1079
x-amz-request-id
B8AZTS4RDAYD2XZV
Content-Range
bytes 0-13616/13617
cdn-cachedat
04/26/2024 08:59:21
cdn-pullzone
1321525
Content-Length
13617
x-amz-id-2
aKekpLPQAivcikEuhK7WXig0vweQhmc2KYFm8Ra19OlvyHCTR40mT0vW4lWFA91GNj+Tq7uO9hY=
last-modified
Tue, 03 Mar 2020 08:32:28 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"867ba87f34232acec3114becad115ce3"
content-type
audio/mp3
cdn-cache
HIT
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
public, max-age=0
cdn-requestid
c2cb905f5e4dbb6c176515bc2c5c42ca
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
newConversation.mp3
cdn.getgist.com/audios/ Frame 9297
5 KB
5 KB
Media
General
Full URL
https://cdn.getgist.com/audios/newConversation.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
a0d281e6c15cf008af15ccf4d66eb4b410d9b9eab1a6c28d174d7aaa003c3862

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cdn-edgestorageid
1079
x-amz-request-id
EE7KPWJGXYFT7D9B
Content-Range
bytes 0-5030/5031
cdn-cachedat
03/26/2024 20:58:47
cdn-pullzone
1321525
Content-Length
5031
x-amz-id-2
4y2XiL4PmoonKtnu3MLr6O2dkR6vbY0RDffU8CxTynF5QZeRA/52hqioFP7i3vUtKATPQfx54B4=
last-modified
Tue, 03 Mar 2020 08:32:41 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"cdaee4ceec32d333f7d7066e16506e70"
content-type
audio/mp3
cdn-cache
HIT
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
public, max-age=0
cdn-requestid
bc446706d9768dd2238989fe7d00f989
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
pro-fa-solid-900-13.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
14 KB
14 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-13.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c5fb457fc69058cd84b72db3a52c0ef9961aa7d18e7bab081d7f1953a7cc23dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Origin
https://help.norori.media
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
etag
"660c297a-37d0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7fffff95d6f-FRA
content-length
14288
Request
pro-fa-regular-400-0.woff2
Path
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
Size
14 KB
Transfer
14 KB
Type
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Origin
https://help.norori.media
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:51:16 GMT
server
cloudflare
etag
"660c2974-3914"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88a4b7fffffb5d6f-FRA
content-length
14612
Request
event_data
Path
events.getgist.com/ Frame
Size
0
Transfer
0
Type
Preflight
General
Full URL
https://events.getgist.com/event_data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.136.106, Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS
106.136.149.34.bc.googleusercontent.com
Software
uvicorn
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://help.norori.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://help.norori.media
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 27 May 2024 08:43:40 GMT
server
uvicorn
vary
Origin
via
1.1 google
Request
event_data
Path
events.getgist.com/
Size
0
Transfer
12 B
Type
XHR
General
Full URL
https://events.getgist.com/event_data
Requested by
Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.136.106, Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS
106.136.149.34.bc.googleusercontent.com
Software
uvicorn
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 27 May 2024 08:43:40 GMT
via
1.1 google
access-control-allow-credentials
true
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
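The two events.getgist.com transactions above are the preflight and the actual POST of one cross-origin call. The preflight happened because the widget sent Content-Type: application/json, which is not a CORS-safelisted value (the browser announced it in Access-Control-Request-Headers: content-type). The preflight answer names the requesting origin, sets Vary: Origin, allows all seven methods and says credentials are allowed; the POST answer instead pairs Access-Control-Allow-Origin: * with Access-Control-Allow-Credentials: true. The following is an added example (mine, not urlscan.io's or Gist's code) that replays the browser's CORS decision for both responses. Header values are copied from the transactions above and the request origin is the Origin header the preflight carried; the widget's credentials mode is not visible in the capture, so both cases are evaluated. The flags it produces are observations about this one capture, not evidence of a weakness: whether the server would echo a different origin cannot be learned without sending a request from that origin.

```javascript
// Added example (not urlscan.io's or Gist's code): replay the browser's CORS
// decision for the two events.getgist.com responses captured above.
// Header values are copied from this page; the request origin is the Origin
// header the preflight carried. Credentials mode is unknown, so both are tried.

const REQUEST_ORIGIN = 'https://help.norori.media';

const PREFLIGHT_RESPONSE = {
  'access-control-allow-credentials': 'true',
  'access-control-allow-headers': 'content-type',
  'access-control-allow-methods': 'DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT',
  'access-control-allow-origin': 'https://help.norori.media',
  'access-control-max-age': '600',
  'vary': 'Origin',
};

const POST_RESPONSE = {
  'access-control-allow-origin': '*',
  'access-control-allow-credentials': 'true',
  'content-length': '0',
};

// Why an OPTIONS request was sent at all: a JSON Content-Type is not a
// CORS-safelisted value, so the POST is not a "simple" request. Only headers
// the page's script sets count here, not the sec-ch-ua/User-Agent headers the
// browser adds by itself.
const SAFELISTED_TYPES = ['application/x-www-form-urlencoded', 'multipart/form-data', 'text/plain'];
const SAFELISTED_NAMES = ['accept', 'accept-language', 'content-language', 'content-type'];

function needsPreflight(method, authorHeaders) {
  if (!['GET', 'HEAD', 'POST'].includes(method.toUpperCase())) return true;
  return Object.entries(authorHeaders).some(([name, value]) => {
    const n = name.toLowerCase();
    if (!SAFELISTED_NAMES.includes(n)) return true;
    if (n !== 'content-type') return false;
    return !SAFELISTED_TYPES.includes(value.split(';')[0].trim().toLowerCase());
  });
}

// The CORS check a browser applies to every cross-origin response.
function corsCheck(origin, credentialed, resp) {
  const acao = resp['access-control-allow-origin'];
  if (acao === undefined) return { allowed: false, reason: 'no Access-Control-Allow-Origin' };
  if (acao === '*') {
    return credentialed
      ? { allowed: false, reason: 'wildcard origin is rejected for credentialed requests' }
      : { allowed: true, reason: 'wildcard origin, anonymous request' };
  }
  if (acao !== origin) return { allowed: false, reason: `origin not allowed: server named ${acao}` };
  if (credentialed && resp['access-control-allow-credentials'] !== 'true') {
    return { allowed: false, reason: 'credentialed request but Allow-Credentials is not "true"' };
  }
  return { allowed: true, reason: 'origin matched' };
}

// Preflight: the CORS check plus the method and header allow-lists. A literal
// "*" in those lists only matches when the request is anonymous.
function preflightCheck(origin, credentialed, method, headerNames, resp) {
  const base = corsCheck(origin, credentialed, resp);
  if (!base.allowed) return base;
  const list = (h) => (resp[h] || '').split(',').map((s) => s.trim()).filter(Boolean);
  const wildcard = (l) => l.includes('*') && !credentialed;
  const methods = list('access-control-allow-methods').map((s) => s.toUpperCase());
  if (!methods.includes(method.toUpperCase()) && !wildcard(methods)) {
    return { allowed: false, reason: `method ${method} not in Allow-Methods` };
  }
  const headers = list('access-control-allow-headers').map((s) => s.toLowerCase());
  const missing = headerNames.map((h) => h.toLowerCase()).filter((h) => !headers.includes(h));
  if (missing.length && !wildcard(headers)) {
    return { allowed: false, reason: `header(s) not in Allow-Headers: ${missing.join(', ')}` };
  }
  return { allowed: true, reason: 'preflight satisfied' };
}

// Triage flags for one captured response. Observations only, not proof of a
// weakness: origin reflection cannot be judged from a single origin's request.
function corsFindings(origin, resp) {
  const flags = [];
  const acao = resp['access-control-allow-origin'];
  const creds = resp['access-control-allow-credentials'] === 'true';
  if (acao === '*' && creds) flags.push('wildcard-with-credentials');
  if (acao === origin && creds) flags.push('origin-specific-with-credentials');
  if (/origin/i.test(resp['vary'] || '')) flags.push('varies-on-origin');
  if (/\b(DELETE|PUT|PATCH)\b/i.test(resp['access-control-allow-methods'] || '')) {
    flags.push('state-changing-methods-allowed');
  }
  return flags;
}

console.log(corsCheck(REQUEST_ORIGIN, false, POST_RESPONSE));
console.log(corsCheck(REQUEST_ORIGIN, true, POST_RESPONSE));
console.log(corsFindings(REQUEST_ORIGIN, PREFLIGHT_RESPONSE));
```

Run as-is, the POST response passes only for an anonymous request; with credentials it is rejected, which is why a "*" origin combined with Allow-Credentials: true can never serve a credentialed caller. The captured POST carried no Cookie header, consistent with the anonymous path.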
Request
en_translation.json
Path
cdn.getgist.com/translation_files/ Frame 9297
Size
4 KB
Transfer
4 KB
Type
XHR
General
Full URL
https://cdn.getgist.com/translation_files/en_translation.json
Requested by
Host: gist-widget.b-cdn.net
URL: https://gist-widget.b-cdn.net/messenger/bundle-f193bffbfabfd39933e9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1, Germany, ASN200325 (BUNNYCDN, SI)
Reverse DNS
Software
BunnyCDN-DE1-1080
Resource Hash
2ee348af7adf2482407aff1bc1811c79fa677c3dd2ffef50a65187a047d9b1ac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cdn-edgestorageid
1082
x-amz-request-id
KRWPQGZ3BHVBNPDE
x-amz-server-side-encryption
AES256
cdn-cachedat
12/04/2023 05:43:41
cdn-pullzone
1321525
content-length
3982
x-amz-id-2
Jf+uIauiF+5uAwnGMJapHo7gQaqSNOrcWVNtTrc9uRh1c1VlcowQQ47GoFw9Hx6+qlxQoPNZj+Q=
last-modified
Wed, 16 Aug 2023 10:28:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"5129fa3fd4127df868c0b7bb053fa01a"
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
cache-control
public, max-age=0
cdn-requestid
f4aca34be7012d5ce97c96e30a917e80
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Request
logo-header-M.png
Path
cdn.getgist.com/projects/3434/ Frame 9533
Size
213 KB
Transfer
214 KB
Type
Image
General
Full URL
https://cdn.getgist.com/projects/3434/logo-header-M.png?1600846268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1, Germany, ASN200325 (BUNNYCDN, SI)
Reverse DNS
Software
BunnyCDN-DE1-1080
Resource Hash
ffeec6255832e46102ccb2a71cd674ac89a810dad1c598071e17baf2ad13f46e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://help.norori.media/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:43:41 GMT
cdn-edgestorageid
1082
x-amz-request-id
XBB16HVF93EC0GV8
cdn-cachedat
05/27/2024 08:43:41
cdn-pullzone
1321525
content-length
218504
x-amz-id-2
OQTC/d+tPK9xLTVAAhMxvfg29lNyWScMFN4wxKuv5lY/+pM7H+a099/+QIWF4IobnLXY3oDdqSI=
last-modified
Wed, 23 Sep 2020 07:31:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"71ac03bd8357b3297f2465a70483f631"
content-type
image/png
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
4939ba61-207d-4ad1-b25b-59f00ef884fc
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
81f3db0a08e8a879ba4a1cd0c5cfa4fe
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Failed requests

These URLs were requested but no response was received; they also appear in the list above.

Domain
web-api.getgist.com
URL
https://web-api.getgist.com/users/sign_in

Verdicts & Comments

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object, i.e. properties that the page's scripts added on top of the browser's built-ins. They can help identify the client-side frameworks and code running on the page.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| $ function| jQuery object| FontAwesomeKitConfig object| gist object| s object| e string| newUrl object| bannerCloseEle object| Rails boolean| _rails_loaded function| closeImage function| clickedImage function| ImageContainer function| imageDownload boolean| favIconScriptLoad boolean| isFaviconPresent object| gtIpAddressDetails boolean| gtIpAddressAPIInitiateFlag boolean| gtFormSubmitStatus string| subDomain object| closedFormAjaxCallCount object| closedSurveyAjaxCallCount object| gtFixedElementDetails string| gtChatInterval string| identifyClearInterval string| gtLeadBotInterval boolean| gtPromptInitiated boolean| gtPersonCreated boolean| gtInitialScrollEvent boolean| isChatIframeReloaded object| gtContactData object| gtChatBotInterval object| getPromptIntervals boolean| notificationChatOpen string| gtPageOriginalTitle number| pageLoadTime boolean| initialTrackPageViewCalled object| gtProjectSetting string| officeHoursOnline boolean| trackPageViewCalled boolean| officeHoursInitiated boolean| chatPromptInitiated string| gtBrowserLanguage boolean| gtSegmentsCalled object| gtPersonSegmentsArray boolean| gtChatReadAtPageLoad object| kbSettings boolean| kbViewStatus object| convertLinkOptionSecretArray object| convertLinkOptionSecretArraySurvey object| convertLinkOptionArray object| convertLinkOptionArraySurvey object| gtFormsData object| gtSurveyData object| gtTourData object| surveyJSTriggerAPI object| filteredMessengerApp boolean| formOpenedViaClick object| shownFormObject boolean| gtIsWelcomematPresent boolean| chatiframeInitiated object| gtPromptDetails boolean| isChatHtmlRendered boolean| isQueryParamsCompleted boolean| isGtChatReady object| gtPageScrollPosition boolean| gtWindowResize number| gtUserType number| gtChatBottom number| gtChatRight object| gtChatLeft string| gtLauncherPosition string| gtWindowLocation boolean| gtPageIdeal boolean| gtReactChatIframeLoaded boolean| 
gtReactChatBubbleLoaded boolean| gtMobileCssLoaded number| gtLiveViewIntervals number| gtIdealIntervals string| gtBotPreviewDomain object| defaultAllowedDomains object| gtIdentifyTime string| gtAwsUrl string| gtAwsFromUrl string| gtAwsSurveyUrl string| formJsUrl string| newFormJsUrl string| surveyJsUrl string| tourJsUrl string| eventVisualisationJsUrl string| getTurboEventName boolean| surveyTriggered boolean| isForRailsApp boolean| gtChatEnabled object| gtEventDataTime object| gtBotPreviewData string| gtliquidJsUrl object| eventListeners function| Favico object| cfFavicon function| iframeContentLoad object| cfMath string| cfDefaultHost function| _cfSurveyFormView function| _cfFormView function| _gtTourView function| _cfIframeChat function| _surveyFormShowConditionPlugin function| _gtTour function| _formShowConditionPlugin function| _gtFormView function| _cfCommonFunctions boolean| cfAdBlockEnabled function| gtGist function| gistVisibilityConditions function| gistTargetVisitorsConditions object| gtTemp object| convertfox object| gtGistReady object| initGistChat object| gtGistChatReady object| gtUnmountComponent number| gistUnreadCount object| chatConfig object| alreadyExecutedFunctions boolean| initCalled object| tempThis object| gttriggeredChats object| announcementData object| gtBotChats object| liveForms object| gtNewConversationBots object| liveSurveys object| messengerApps object| liveTour object| ipv4Url string| cfChatAreaOpen boolean| chatScriptLoaded object| gtSegments object| gtTags object| refConditions boolean| gtContactDataSuccess object| modifiedIntervals boolean| botNotTriggered
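The list above is printed as "type| name" pairs. Clustering the names by prefix is usually enough to see which libraries put them there: here jQuery, Rails and FontAwesomeKitConfig sit beside a large family of gt*/cf*/gist* names and a convertfox object. The following is an added example (mine, not urlscan.io's code) that parses that layout from an excerpt of the page's list, clusters the names, and shows how such a list is produced in a browser in the first place. The prefix heuristic is an assumption of mine, not a urlscan rule.

```javascript
// Added example (not urlscan.io's code): parse urlscan's "type| name" list of
// window globals and cluster the names by prefix.

// Constructed sample: an excerpt of the 152-entry list on this page, in the
// same "type| name type| name ..." layout.
const SAMPLE =
  'function| $ function| jQuery object| FontAwesomeKitConfig object| gist ' +
  'object| Rails boolean| _rails_loaded boolean| gtPromptInitiated ' +
  'object| gtContactData function| _cfFormView object| cfFavicon ' +
  'boolean| cfAdBlockEnabled function| gtGist object| convertfox ' +
  'number| gistUnreadCount';

// Each entry is "<typeof result>| <name>"; names never contain whitespace.
function parseGlobals(text) {
  const re = /\b(object|function|string|number|boolean|undefined|symbol|bigint)\|\s*(\S+)/g;
  const entries = [];
  let m;
  while ((m = re.exec(text)) !== null) entries.push({ type: m[1], name: m[2] });
  return entries;
}

// Heuristic (an assumption, not a urlscan rule): the leading run of two or
// more lowercase letters is treated as a library prefix, e.g. "gt" for
// gtContactData, "cf" for _cfFormView, "gist" for gistUnreadCount. Names that
// start with a capital or a symbol ($, jQuery, Rails) go into "other".
function libraryPrefix(name) {
  const m = /^[a-z]{2,}/.exec(name.replace(/^_+/, ''));
  return m ? m[0] : 'other';
}

function clusterByPrefix(entries) {
  const groups = {};
  for (const { name } of entries) {
    const p = libraryPrefix(name);
    (groups[p] = groups[p] || []).push(name);
  }
  return groups;
}

// Prefixes ordered by how many globals they own; the big clusters are the
// frameworks worth reading the bundle for.
function rankPrefixes(groups) {
  return Object.entries(groups)
    .map(([prefix, names]) => [prefix, names.length])
    .sort((a, b) => b[1] - a[1] || a[0].localeCompare(b[0]));
}

// How a list like urlscan's is produced: every own property of the page's
// window that a blank same-origin frame does not have. In a browser:
//   const f = document.createElement('iframe'); document.body.appendChild(f);
//   const baseline = Object.getOwnPropertyNames(f.contentWindow);
//   nonStandardGlobals(Object.getOwnPropertyNames(window), baseline);
function nonStandardGlobals(observedNames, baselineNames) {
  const baseline = new Set(baselineNames);
  return observedNames.filter((n) => !baseline.has(n));
}

console.log(rankPrefixes(clusterByPrefix(parseGlobals(SAMPLE))));
```

Types are kept in the parsed entries because they are a second signal: a prefix whose members are mostly functions is an API surface the bundle exposes, whereas a prefix of booleans and strings is usually state that a widget keeps on window and that any other script on the page can read or overwrite.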

2 Cookies

Domain/Path: .norori.media/
Name: gist_identified_ug2vsgqf
Value: 0

Domain/Path: .norori.media/
Name: gist_id_ug2vsgqf
Value: ef4a387b-d467-c75a-6325-aac8ba5b7310

Both cookies are scoped to the apex domain (.norori.media), so the browser sends them to every subdomain of norori.media, not only to help.norori.media.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.getgist.com
data.getgist.com
events.getgist.com
gist-widget.b-cdn.net
help.norori.media
ka-p.fontawesome.com
kit.fontawesome.com
web-api.getgist.com
widget.getgist.com
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2606:4700:4400::6812:2844
2a00:1450:4001:831::200a
34.117.157.228
34.149.136.106