urlscan.io logo urlscan.io
SecurityTrails logo

signup.norstatpanel.com Open in urlscan Pro
2606:4700:3108::ac42:2b73  Public Scan

Go To Rescan Add Verdict Report
URL: https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Submission Tags: 0xscam
Submission: On November 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b73, located in United States and belongs to CLOUDFLARENET, US. The main domain is signup.norstatpanel.com.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time signup.norstatpanel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:310... 13335 (CLOUDFLAR...)
2 17 172.66.43.115 13335 (CLOUDFLAR...)
1 12 18.173.205.71 16509 (AMAZON-02)
2 157.240.253.1 32934 (FACEBOOK)
2 157.240.253.35 32934 (FACEBOOK)
44 6
11    2606:4700:3108::ac42:2b73 (United States)

ASN13335 (CLOUDFLARENET, US)
signup.norstatpanel.com
17    172.66.43.115 (United States)

ASN13335 (CLOUDFLARENET, US)
signup.norstatpanel.com
track.norstatpanel.com
12    18.173.205.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-71.fra56.r.cloudfront.net
widget.freshworks.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
28 norstatpanel.com
signup.norstatpanel.com
track.norstatpanel.com
2 MB
12 freshworks.com
widget.freshworks.com — Cisco Umbrella Rank: 19993
145 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
76 KB
44 4
Domain Requested by
25 signup.norstatpanel.com 2 redirects signup.norstatpanel.com
12 widget.freshworks.com 1 redirects widget.freshworks.com
3 track.norstatpanel.com signup.norstatpanel.com
track.norstatpanel.com
2 www.facebook.com
2 connect.facebook.net track.norstatpanel.com
connect.facebook.net
44 5

This site contains links to these domains. Also see Links.

Domain
www.norstatpanel.com
Subject Issuer Validity Valid
norstatpanel.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.freshworks.com
Amazon RSA 2048 M02		 2024-06-25 -
2025-07-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-21 -
2024-11-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Frame ID: EBE6B97CFB8E91640CD91577BF68003F
Requests: 33 HTTP requests in this frame

Frame: https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: CE295683716E6F45BD3CA0188C6BAB74
Requests: 4 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: B13446B6C10F81B56735A6DAF087BC31
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Register - norstatpanel-signup

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

44
Requests

86 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

2113 kB
Transfer

7936 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 18
  • https://widget.freshworks.com/widgets/21000000138.js HTTP 301
  • https://widget.freshworks.com/widgetBase/bootstrap.js
Request Chain 20
  • https://signup.norstatpanel.com/images/signup.Image HTTP 302
  • https://signup.norstatpanel.com/
Request Chain 24
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signup
signup.norstatpanel.com/da/ 		27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2a67ce41eb08a013cdd651dec52be9276b666cd32165c910d2db659fd37f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e17151a98ef3a9d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Nov 2024 14:06:24 GMT
link
<https://signup.norstatpanel.com/build/assets/app-a42de351.css>; rel="preload"; as="style", <https://signup.norstatpanel.com/build/assets/RegPanelistDefault-fdd153ee.css>; rel="preload"; as="style", <https://signup.norstatpanel.com/build/assets/app-2a57faea.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/RegPanelistDefault-abf03f68.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/PrimaryButton-f8b51404.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/LanguageSwitcher-9d436560.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/SignupFooter-0c9a68a2.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/SignupForm-727f06c7.js>; rel="modulepreload", <https://signup.norstatpanel.com/build/assets/lottie-player.esm-8ec2d44d.js>; rel="modulepreload"
server
cloudflare
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, no follow
app-a42de351.css
signup.norstatpanel.com/build/assets/ 		185 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/app-a42de351.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42de351ac9767b1f7280cbdb0cb8173547793e94065bd9595f26929eb72c1f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-2e4bc"
age
4444
x-content-type-options
nosniff
cf-ray
8e17151ab90e3a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
RegPanelistDefault-fdd153ee.css
signup.norstatpanel.com/build/assets/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/RegPanelistDefault-fdd153ee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd153eedfa8265fbb24ad684dcef327e9e1eea9d1da8c54276d52e7b4c89e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-9da"
age
4444
x-content-type-options
nosniff
cf-ray
8e17151ab9103a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
app-2a57faea.js
signup.norstatpanel.com/build/assets/ 		786 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/app-2a57faea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b4029d0d72790f165a9fd779ba58f05e7e0e38d41f40653aa7af8a37e71806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-c467f"
age
6055
x-content-type-options
nosniff
cf-ray
8e17151d9bbc3a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
RegPanelistDefault-abf03f68.js
signup.norstatpanel.com/build/assets/ 		581 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/RegPanelistDefault-abf03f68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ff74300b78dc430abef6cf0cb7e7ec37aceccde10b5ca04faebeb2efa83a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-9159f"
age
4280
x-content-type-options
nosniff
cf-ray
8e17151d9bbd3a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
PrimaryButton-f8b51404.js
signup.norstatpanel.com/build/assets/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/PrimaryButton-f8b51404.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0595870c5f3446c8f4055256319c9000e2da1f2794020b87ddf4c4ea51087de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-21e2"
age
4280
x-content-type-options
nosniff
cf-ray
8e17151d9bbe3a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
LanguageSwitcher-9d436560.js
signup.norstatpanel.com/build/assets/ 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/LanguageSwitcher-9d436560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1773ab0906ce379332eefd642ec693c0ba34842fa5e6e2a04bfd2160aa9ea2ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-13a44"
age
4280
x-content-type-options
nosniff
cf-ray
8e17151d9bc13a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
SignupFooter-0c9a68a2.js
signup.norstatpanel.com/build/assets/ 		1 KB
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/SignupFooter-0c9a68a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bbf1f3998bc2d291fd62b130cdc627b1c46e4954a3496dd7d941a301301c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-435"
age
2873
x-content-type-options
nosniff
cf-ray
8e17151d9bc33a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
SignupForm-727f06c7.js
signup.norstatpanel.com/build/assets/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/SignupForm-727f06c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13eb96aa0d6631d813468a63e05ddb59bbfe51b30faf3d0da3384e742734add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-4a2155"
age
4280
x-content-type-options
nosniff
cf-ray
8e17151d9bc43a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
lottie-player.esm-8ec2d44d.js
signup.norstatpanel.com/build/assets/ 		335 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/lottie-player.esm-8ec2d44d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1004a87fdfa36429ae7304562cd5f97678439d5950c72051baee2e9b2b0d785b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-53b35"
age
4280
x-content-type-options
nosniff
cf-ray
8e17151d9bc63a9d-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
rocket-loader.min.js
signup.norstatpanel.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"672b8df5-302c"
x-content-type-options
nosniff
cf-ray
8e17151d9bc73a9d-FRA
expires
Thu, 14 Nov 2024 14:06:24 GMT
date
Tue, 12 Nov 2024 14:06:24 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 15:40:37 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
RegPanelistDefault-abf03f68.js
signup.norstatpanel.com/build/assets/ 		0
0
app-2a57faea.js
signup.norstatpanel.com/build/assets/ 		0
0
main.js
signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame CE29
Redirect Chain
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d3928b1d923e0691597f0d5600dd89b97b89e17a9433757af66dc924437bc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex, no follow
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8e17151e685bd298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

x-robots-tag
noindex, no follow
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8e17151e3fdfd298-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 14:06:25 GMT
vary
Accept-Encoding
server
cloudflare
8e17151a98ef3a9d
signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CE29 		0
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e17151a98ef3a9d
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e1715202cd9d298-FRA
x-robots-tag
noindex, no follow
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
signup.norstatpanel.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e8801a8a9f244edaad7eee65f327ae86098d1ca2a5428cdc6d90c00fa0f2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db498-3c2e"
age
5611
x-content-type-options
nosniff
cf-ray
8e1715203d12d298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
image/x-icon
last-modified
Fri, 08 Nov 2024 06:50:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
da-d46a043a.js
signup.norstatpanel.com/build/assets/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/build/assets/da-d46a043a.js
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/build/assets/app-2a57faea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
740a77474003b8ed07926da4adc31734524c8b2319791a0117aa23ad83b12fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.norstatpanel.com
Referer
https://signup.norstatpanel.com/build/assets/app-2a57faea.js

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db4d8-309f"
x-content-type-options
nosniff
cf-ray
8e171521d96dd298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
da.json
signup.norstatpanel.com/cc/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cc/da.json
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/build/assets/app-2a57faea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1c2c72d705dc70a653675615fc1dcea20bf29994cc58262798b3a1d3bb9fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"672db498-dce"
x-content-type-options
nosniff
cf-ray
8e171521d975d298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
application/json
last-modified
Fri, 08 Nov 2024 06:50:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
bootstrap.js
widget.freshworks.com/widgetBase/
Redirect Chain
  • https://widget.freshworks.com/widgets/21000000138.js
  • https://widget.freshworks.com/widgetBase/bootstrap.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/bootstrap.js
Protocol
H2
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b750aa111101eb8685436690b034ab2cbe57accdc04bb818f060639a8a5b81f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
x-amz-version-id
W3AOh4MIVkhe_ZGc7BbCBngLno88LKvk
etag
W/"96358557f33cdca557d32231f632b6ca"
age
836
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
sbONlPvKOk2eF5fctCTU2GzaUOFYzC9kfpJnPeQnEpXq25aVh4XvXg==
date
Tue, 12 Nov 2024 13:52:30 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:29:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding

Redirect headers

location
/widgetBase/bootstrap.js
age
44
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
37WJVvVlBVl8YS9kLJp2_1bGZt8bK6a42L3mC2AjEWQIuvBdA2gG_w==
date
Tue, 12 Nov 2024 14:05:42 GMT
x-amz-cf-pop
FRA56-P12
server
AmazonS3
da.svg
signup.norstatpanel.com/flag/ 		362 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.norstatpanel.com/flag/da.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672db498-16a"
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=2yrJyYVWbDW1Z.jNCye6d7OPwC7kePAIHmUp_zEY1Ww-1731420385-1.0.1.1-x7d6nVXiRzudFAc7Vpf_6av7HL79wp7QWtor.FOYm3icBstyUE9lRtmgtu5wkdKY6GeMYdxpLxL60L4kY135V_lX5QnwnTILXUv0mif58EmM4cjOviu9vOjn47xRjJcRpmLcfvNduKvFRv_PfRSMGxiwG4ABP0qLm_gZe0eB7lY"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=2yrJyYVWbDW1Z.jNCye6d7OPwC7kePAIHmUp_zEY1Ww-1731420385-1.0.1.1-x7d6nVXiRzudFAc7Vpf_6av7HL79wp7QWtor.FOYm3icBstyUE9lRtmgtu5wkdKY6GeMYdxpLxL60L4kY135V_lX5QnwnTILXUv0mif58EmM4cjOviu9vOjn47xRjJcRpmLcfvNduKvFRv_PfRSMGxiwG4ABP0qLm_gZe0eB7lY; report-to cf-csp-endpoint
cf-ray
8e1715231c8cd298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Nov 2024 06:50:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
/
signup.norstatpanel.com/
Redirect Chain
  • https://signup.norstatpanel.com/images/signup.Image
  • https://signup.norstatpanel.com/
0
0
nora_laptop_web-ec8b502a.png
signup.norstatpanel.com/build/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.norstatpanel.com/build/assets/nora_laptop_web-ec8b502a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5636008b5aa41f392d9a896da01a9f0a96c3782931ad390d48983ba9edb9332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
cf-bgj
imgq:100,h2pri
etag
"672db4d8-10b8"
age
3877
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=4280
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
image/webp
content-disposition
inline; filename="nora_laptop_web-ec8b502a.webp"
vary
Accept
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
x-frame-options
SAMEORIGIN
cf-ray
8e1715232ca9d298-FRA
accept-ranges
bytes
content-length
2134
server
cloudflare
nora_mobile_web-44e34ea9.png
signup.norstatpanel.com/build/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.norstatpanel.com/build/assets/nora_mobile_web-44e34ea9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deed9fa3155c7cc08297124f97e5701ae32163f5b20880e4908c55f0e91d6174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
cf-bgj
imgq:100,h2pri
etag
"672db4d8-e28"
age
3877
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=3624
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
image/webp
content-disposition
inline; filename="nora_mobile_web-44e34ea9.webp"
vary
Accept
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
x-frame-options
SAMEORIGIN
cf-ray
8e1715232caad298-FRA
accept-ranges
bytes
content-length
1784
server
cloudflare
nora_coins_web-51533dfe.png
signup.norstatpanel.com/build/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.norstatpanel.com/build/assets/nora_coins_web-51533dfe.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c078ba31f7685a6429d84b9adeb42e9a0183b0b5c12d64dcfe1064542dd5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
cf-bgj
imgq:100,h2pri
etag
"672db4d8-1108"
age
3877
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=4360
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
image/webp
content-disposition
inline; filename="nora_coins_web-51533dfe.webp"
vary
Accept
last-modified
Fri, 08 Nov 2024 06:51:04 GMT
x-frame-options
SAMEORIGIN
cf-ray
8e1715232cabd298-FRA
accept-ranges
bytes
content-length
2446
server
cloudflare
main.js
signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame CE29
Redirect Chain
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d3928b1d923e0691597f0d5600dd89b97b89e17a9433757af66dc924437bc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex, no follow
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8e17151e685bd298-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

x-robots-tag
noindex, no follow
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8e17151e3fdfd298-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 14:06:25 GMT
vary
Accept-Encoding
server
cloudflare
signup_cards_dk.png
signup.norstatpanel.com/images/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.norstatpanel.com/images/signup_cards_dk.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a11ef0892a73327157d056cb81eef1877f25c4eafa252cc2972a1cd43a92eaba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq

Response headers

x-robots-tag
noindex, no follow
cf-bgj
imgq:100,h2pri
etag
"672db498-2a9e8"
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=174568
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
image/webp
content-disposition
inline; filename="signup_cards_dk.webp"
vary
Accept
last-modified
Fri, 08 Nov 2024 06:50:00 GMT
x-frame-options
SAMEORIGIN
cf-ray
8e171524a860d298-FRA
accept-ranges
bytes
content-length
108042
server
cloudflare
container_OteuXPnu.js
track.norstatpanel.com/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.norstatpanel.com/js/container_OteuXPnu.js
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/build/assets/app-2a57faea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee7c44085d6aadd0737d3197fafe61c3d89b986a30a774cb931e1418784473b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

x-robots-tag
noindex, no follow
content-encoding
br
cf-cache-status
HIT
etag
W/"67334887-a34d"
age
1519
expires
Tue, 12 Nov 2024 13:43:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 12:22:31 GMT
vary
Accept-Encoding
cache-control
max-age=3600, public
pragma
public
access-control-allow-credentials
true
cf-ray
8e1715253ce23764-FRA
server
cloudflare
8e17151a98ef3a9d
signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CE29 		0
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://signup.norstatpanel.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e17151a98ef3a9d
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e1715263c35d298-FRA
x-robots-tag
noindex, no follow
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
21000000138.json
widget.freshworks.com/widgets/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgets/21000000138.json?randomId=0.9807100444309289
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/21000000138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bffa7b1909149d239581b84f40fd3a3fa6a8ce16d4f45f50b6e1ea34da2d39d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
gzip
x-amz-version-id
uWJV0gp_tDepFFQ46m3BRwoMBcER.2Am
etag
W/"e5eb1f58c63d79cfe3aa0a9c407321cc"
age
4
access-control-allow-methods
GET
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
o0JS_rrzp7dGCJGdktIiJL1mS3L1Jv28kP918c2VpXkQKHPpcTqoqA==
date
Tue, 12 Nov 2024 14:06:22 GMT
content-type
application/json
last-modified
Wed, 26 Apr 2023 11:39:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding,Origin
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: track.norstatpanel.com
URL: https://track.norstatpanel.com/js/container_OteuXPnu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-H43WbVEt' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-H43WbVEt' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4426, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
WuD5aI4QyaZd3pMENnGzRl9Wv6VLiUZSZHBqjgn/QjYP5CAIXpTiUBD4y8Nzn83QqtrxTm3ryF5rJgTEUUWFgg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
1
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
matomo.js
track.norstatpanel.com/ 		202 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.norstatpanel.com/matomo.js
Requested by
Host: signup.norstatpanel.com
URL: https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b3bb852c2163fe5e78708f8346ea5672f666fc89f32c84e7a9059401dd079b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

x-robots-tag
noindex, no follow
content-encoding
br
cf-cache-status
HIT
etag
W/"66f5071f-327dc"
age
1256
expires
Tue, 12 Nov 2024 14:10:48 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 07:02:55 GMT
vary
Accept-Encoding
cache-control
max-age=3600, public
pragma
public
access-control-allow-credentials
true
cf-ray
8e1715269e3d3764-FRA
server
cloudflare
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 		1 KB
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/21000000138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
tBMRWrlEEJWTHjkqjcoskFevcD7QLYla
etag
W/"d7ae132c387286735e2e9d369838b0c5"
age
4760384
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hOqpzE8eB6pTKdWDKBnQbGO2gJp38tZtFL9XRqjV9Cuaj7K5H37T8w==
date
Wed, 18 Sep 2024 11:46:43 GMT
content-type
text/css
last-modified
Wed, 14 Aug 2024 07:18:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
widget.js
widget.freshworks.com/widgetBase/ Frame B134 		295 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/21000000138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
580dbdf71ce0d645eeb9f90a9590534195b4aa9b8d869b40e6bf6e5010ca98d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
x-amz-version-id
EA95Ssh7R70epn693aEZw9cUCHjdTVOD
etag
W/"316a997fbea89f20f77b5e78a558038a"
age
890
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HUyIyqe7-H9069Gh_18wddqas89-LfEhoCpJQeBAHPyOMZ1mprl8ig==
date
Tue, 12 Nov 2024 13:51:37 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
756868222477339
connect.facebook.net/signals/config/ 		78 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/756868222477339?v=2.9.176&r=stable&domain=signup.norstatpanel.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
f531d6978f7956af9610f9c9340d4938f14f3143ba5eb631d48a593cb6b50855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Z4JirKCM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Z4JirKCM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=40, mss=1232, tbw=72820, tp=68, tpl=0, uplat=129, ullat=0
pragma
public
x-fb-debug
tdG4Rj+W1Z/Iuyhjz4VklPgoLa8Idxm2AWMHKk5Dgj3t100XA0YFZt6Vlo4L4STZhPfepoiFimm4wzGAVEVJxQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
matomo.php
track.norstatpanel.com/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.norstatpanel.com/matomo.php?action_name=Register%20-%20norstatpanel-signup&idsite=6&rec=1&r=784372&h=15&m=6&s=26&url=https%3A%2F%2Fsignup.norstatpanel.com%2Fda%2Fsignup%3Frc%3D431%26twclid%3D2-7a6qg952ufxyskeggimut3jdq&_id=b691a62725d68528&_idn=1&send_image=0&_refts=0&pv_id=1nLxnh&fa_pv=1&fa_fp[0][fa_vid]=kzD0jo&fa_fp[0][fa_id]=sign_up&fa_fp[0][fa_fv]=1&pf_net=68&pf_srv=24&pf_tfr=415&pf_dm1=141&pf_dm2=8&pf_onl=14&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: track.norstatpanel.com
URL: https://track.norstatpanel.com/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://signup.norstatpanel.com/

Response headers

x-robots-tag
noindex, no follow
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
origin
cf-ray
8e1715275f073764-FRA
access-control-allow-origin
https://signup.norstatpanel.com
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
x-xss-protection
1; mode=block
vary
Origin
server
cloudflare
0.e2caf280750f3ece06da.widget.js
widget.freshworks.com/widgetBase/ Frame B134 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/0.e2caf280750f3ece06da.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
XwT3J_zaNN2rLU3RJAXl9dqpMbQuaW7m
etag
W/"3eb7d6da69812f629e5409d725c8ca3b"
age
4697978
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
bIB08FmGn1IWHgD1-yHBMPAvuD0sQjRDuys4t-A_uoVZJ6iO81IlYw==
date
Thu, 19 Sep 2024 05:06:49 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
1.0e8f0237accf8416de7f.widget.js
widget.freshworks.com/widgetBase/ Frame B134 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
C6j4B_SzRlsDpB94QlvtbAL62WONzvdp
etag
W/"7c346979da8f0571ca5e101f69a9c6f0"
age
4859590
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
7QzoqGNi09svh_8Yb2rqbi3lBMvoI3JNbN9hlQsJoT6qkdPd-W-1Hw==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
8.d7c0d0debf20c1c1c333.widget.js
widget.freshworks.com/widgetBase/ Frame B134 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/8.d7c0d0debf20c1c1c333.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
VqRZ8SQSw8FXxlbsGuy2qAtPTWs.LT.z
etag
W/"9595037458ddb204b700bf581e6193cb"
age
4697978
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
rYWri3q7yRXX-6gmcluKdo4GJ4Tc2xTG6OwKt1SQsv76SHAixLITyw==
date
Thu, 19 Sep 2024 05:06:49 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
10.e2a6e1199313e5325e57.widget.js
widget.freshworks.com/widgetBase/ Frame B134 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
LQjR2f8YIxslmiSdzuhWln2jSX0k9nsG
etag
W/"e1fa78a672e16586648645742dd1af72"
age
4859590
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ZXuh-c47tKZshxIVHXnTNoH4Yc_SOQOCZ9SIoGz0D8dAi7Zjhlfocw==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
16.91e55ff21de942a8b5a0.widget.js
widget.freshworks.com/widgetBase/ Frame B134 		645 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/16.91e55ff21de942a8b5a0.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

cache-control
max-age=8640000
x-amz-version-id
e3P81e1o6hXKc5KIKj2GELLLZ7Ulh8oC
etag
"ee6a274e041d81acb09fb70447eb7252"
age
4859590
via
1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
645
x-amz-cf-id
8YiB29RRJrE1RRADUh75SBTO7m9nmsVinFVDuVmb1tq--2W7JEVi6w==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:20:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
da.json
widget.freshworks.com/widgetBase/locales/ Frame B134 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/da.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48ef755342359870ce89b87a812c2bb76408407c47cb755f2b53c15cf52fe41e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
gzip
etag
W/"be7a7815782d9dc802135439a0ee4f10"
x-amz-version-id
iVus44wZenAA5EwiL3BUOO9GnrPyx0gL
age
7799636
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
vSEQ1UbfWyloANrZx2DpZKOigguj-j5S31PgTjOgYISMizfhbPc1bA==
date
Wed, 14 Aug 2024 07:32:31 GMT
content-type
application/json
last-modified
Wed, 14 Aug 2024 07:19:41 GMT
vary
Accept-Encoding,Origin
cache-control
max-age=8640000
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P12
server
AmazonS3
en.json
widget.freshworks.com/widgetBase/locales/ Frame B134 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/en.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
gzip
etag
W/"b89e0007134ac4d219df17aa6fcd289e"
x-amz-version-id
uuo8_aHJYG5TT2HQw1TJpDJZj2jMWZZl
age
7799758
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
gSgoGfSVgPl1kRP6AH9JP8a7cJ1hFs10d72pJ35zlSfoHhz2gNyVFw==
date
Wed, 14 Aug 2024 07:30:29 GMT
content-type
application/json
last-modified
Wed, 14 Aug 2024 07:19:18 GMT
vary
Accept-Encoding,Origin
cache-control
max-age=8640000
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P12
server
AmazonS3
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=756868222477339&ev=PageView&dl=https%3A%2F%2Fsignup.norstatpanel.com%2Fda%2Fsignup%3Frc%3D431%26rp2%3DXburger%26twclid%3D2-7a6qg952ufxyskeggimut3jdq&rl=&if=false&ts=1731420386624&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731420386607.411288299587428848&cs_est=true&ler=empty&cdl=API_unavailable&it=1731420386428&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4473, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=756868222477339&ev=PageView&dl=https%3A%2F%2Fsignup.norstatpanel.com%2Fda%2Fsignup%3Frc%3D431%26rp2%3DXburger%26twclid%3D2-7a6qg952ufxyskeggimut3jdq&rl=&if=false&ts=1731420386624&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731420386607.411288299587428848&cs_est=true&ler=empty&cdl=API_unavailable&it=1731420386428&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.norstatpanel.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436393933909214813"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 14:06:26 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
WTYLCF9lLmvpX1nzp88U+nHLZJRmIdV40PDmvalcn7T6ensSM6NxipO0Yp0wiRVS4cchhamyuVWovEYhZEusDg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436393933909214813", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4841, tp=13, tpl=0, uplat=115, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
signup.norstatpanel.com
URL
https://signup.norstatpanel.com/build/assets/RegPanelistDefault-abf03f68.js
Domain
signup.norstatpanel.com
URL
https://signup.norstatpanel.com/build/assets/app-2a57faea.js
Domain
signup.norstatpanel.com
URL
https://signup.norstatpanel.com/

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __cfQR function| route boolean| __cfRLUnblockHandlers function| axios object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| __VUE__ boolean| _ccRun object| fwSettings function| FreshworksWidget object| _mtm object| FwBootstrap object| MatomoTagManager function| fbq function| _fbq object| _paq object| Piwik object| Matomo object| matomoAbTestingCampaignUrlParamList object| AnalyticsTracker function| piwik_log

7 Cookies

Domain/Path Name / Value
.norstatpanel.com/ Name: __cf_bm
Value: AfFdIbwORGwzJW7mewM6SQqxNIsz2wB2AYRB3NB_DGQ-1731420385-1.0.1.1-FQ0V_unUrFlBRcT.roLmOG0SKXr9PSuhJq2c5kabhzyIVfndnjuY84HxQ4LQWE6IsDSknJiuUIkHmHvp95lguA
.signup.norstatpanel.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5IdkcraGNpWVBnUnVuaWxESVBoUVE9PSIsInZhbHVlIjoiQUtOMjU4WUNIaGZHTkZpMkkxMEw3OUszdXJtR01GYitEVVo0QUdLazd2dlgrYjFWNDZORU5ucEIxaWNqUzA3WDB1aHRkNm1zU2hSK21Kb0ZSdGtmS09BZCs2elhwdmRaeFRCRXhsdEE2VkpOWWxPbjFOc01nVm16Yk9xdGFudHgiLCJtYWMiOiI0ZDU0ZDVhNDJlNzhhZjhlYjQxMjFlMmM2ZjZkNDcyY2I3YTY2MjRhMTQ2ZTljYzBhNDBkYjIzOWEzZjE3NDNhIiwidGFnIjoiIn0%3D
.signup.norstatpanel.com/ Name: norstatpanel_signup_session
Value: eyJpdiI6IitzQjBLVGRid3hibmMwc1kxblpYc0E9PSIsInZhbHVlIjoiUnF1UHZSV0hhcWNZZnB3QnFHcmhuVGM0VUpCSVRGVWJISWJOQVJuWWJadUh1YzZUT0hyOU5Xcmh0L0FrVHhEQ2hxUHozMHU0WDMwV0FRVnRSanlmbUxNWmpPdVAzdGptVGdQdlFIT3pLeENZY1NLK1JBQk1sTGNaRllFTHhWMGwiLCJtYWMiOiI3ZWJiYTYxODY0MmVlNmUwYjgyNTIzYWZlYzdkM2QzMjlkMjE5NDU2MGU2NDI5ZWJjYmQ5MDJlZjBiN2RkYjc3IiwidGFnIjoiIn0%3D
.norstatpanel.com/ Name: cf_clearance
Value: ALVutT6M9yG1QsZpex0bHWnDPSo32Qb9akiOLVwKWiQ-1731420386-1.2.1.1-LkKuIikMOek6XFnDVUdML3t_Za0YLfhIFoyzmjM.AscqMvuYBbNkOWcSuIQcs2kxNW5XGfxu69EVr0X8zq0Msa59xtP4AiyXAt.Hj51TgWifzqvvf.v1FV9uyOUD7BKcFnlTezG3_mTQiX9GYCfvcFeHSCr7PEXH7KygHMPvf2TNQ.cxkBJPKFKVs0hhyLvjmMHii3ebMBSrMqKFnhNf8gyClp8lhrqFn3UoaogUCxomi8ZlqpfpbA3N4WPaLCD113GG72L_yjIAPBDvmSjPhZKD5hymy1BAiiUoy9kzsz07fA.NQ_OvmwaFA4IUh2uO5t78HVvxJHr0a4Qa1nMIlRwBmgKQ7iSUWLDmhHtiXECI7TLTT.Mfipv.5wyGoEtJ
signup.norstatpanel.com/ Name: _pk_id.6.19e5
Value: b691a62725d68528.1731420386.
signup.norstatpanel.com/ Name: _pk_ses.6.19e5
Value: 1
.norstatpanel.com/ Name: _fbp
Value: fb.1.1731420386607.411288299587428848

1 Console Messages

Source Level URL
Text
rendering info URL: https://signup.norstatpanel.com/da/signup?rc=431&rp2=Xburger&twclid=2-7a6qg952ufxyskeggimut3jdq
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
signup.norstatpanel.com
track.norstatpanel.com
widget.freshworks.com
www.facebook.com
signup.norstatpanel.com
157.240.253.1
157.240.253.35
172.66.43.115
18.173.205.71
2606:4700:3108::ac42:2b73
0595870c5f3446c8f4055256319c9000e2da1f2794020b87ddf4c4ea51087de7
08d3928b1d923e0691597f0d5600dd89b97b89e17a9433757af66dc924437bc5
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015
1004a87fdfa36429ae7304562cd5f97678439d5950c72051baee2e9b2b0d785b
13eb96aa0d6631d813468a63e05ddb59bbfe51b30faf3d0da3384e742734add3
1773ab0906ce379332eefd642ec693c0ba34842fa5e6e2a04bfd2160aa9ea2ca
1b2a67ce41eb08a013cdd651dec52be9276b666cd32165c910d2db659fd37f95
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83
33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c
3b750aa111101eb8685436690b034ab2cbe57accdc04bb818f060639a8a5b81f
40c078ba31f7685a6429d84b9adeb42e9a0183b0b5c12d64dcfe1064542dd5a9
48ef755342359870ce89b87a812c2bb76408407c47cb755f2b53c15cf52fe41e
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
580dbdf71ce0d645eeb9f90a9590534195b4aa9b8d869b40e6bf6e5010ca98d8
5d1c2c72d705dc70a653675615fc1dcea20bf29994cc58262798b3a1d3bb9fdf
69ff74300b78dc430abef6cf0cb7e7ec37aceccde10b5ca04faebeb2efa83a95
740a77474003b8ed07926da4adc31734524c8b2319791a0117aa23ad83b12fd3
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01
96e8801a8a9f244edaad7eee65f327ae86098d1ca2a5428cdc6d90c00fa0f2b6
9ee7c44085d6aadd0737d3197fafe61c3d89b986a30a774cb931e1418784473b
a11ef0892a73327157d056cb81eef1877f25c4eafa252cc2972a1cd43a92eaba
a42de351ac9767b1f7280cbdb0cb8173547793e94065bd9595f26929eb72c1f1
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130
a9b4029d0d72790f165a9fd779ba58f05e7e0e38d41f40653aa7af8a37e71806
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b4b3bb852c2163fe5e78708f8346ea5672f666fc89f32c84e7a9059401dd079b
b5636008b5aa41f392d9a896da01a9f0a96c3782931ad390d48983ba9edb9332
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
bffa7b1909149d239581b84f40fd3a3fa6a8ce16d4f45f50b6e1ea34da2d39d5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3
deed9fa3155c7cc08297124f97e5701ae32163f5b20880e4908c55f0e91d6174
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1bbf1f3998bc2d291fd62b130cdc627b1c46e4954a3496dd7d941a301301c53
f531d6978f7956af9610f9c9340d4938f14f3143ba5eb631d48a593cb6b50855
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576
fdd153eedfa8265fbb24ad684dcef327e9e1eea9d1da8c54276d52e7b4c89e85