service.norvowmobile.ca Open in urlscan Pro
104.21.91.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://service.norvowmobile.ca/
Submission: On January 18 via automatic, source certstream-suspicious (January 18th 2024, 10:21:49 pm UTC) — Scanned from CA

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 14 domains to perform 43 HTTP transactions. The main IP is 104.21.91.249, located in and belongs to CLOUDFLARENET, US. The main domain is service.norvowmobile.ca.
TLS certificate: Issued by E1 on January 18th 2024. Valid for: 3 months.

This is the only time service.norvowmobile.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	104.21.91.249 104.21.91.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	104.16.189.89 104.16.189.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.179.95 142.251.179.95	15169 (GOOGLE) (GOOGLE)
6	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
1	172.64.153.27 172.64.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.90.154 104.17.90.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.251.168 104.17.251.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.78.186 104.16.78.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.176.125 104.18.176.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.95.253 104.18.95.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.110.209 104.16.110.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	14

9 104.21.91.249 (None, )

ASN13335 (CLOUDFLARENET, US)

service.norvowmobile.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.189.89 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.95 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.27 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.90.154 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.251.168 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.78.186 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.155.83 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.176.125 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.95.253 (None, )

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.110.209 (None, )

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	norvowmobile.ca service.norvowmobile.ca	400 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	125 KB
6	hubspot.com 1 redirects api.hubspot.com — Cisco Umbrella Rank: 4876 track.hubspot.com — Cisco Umbrella Rank: 2301 app.hubspot.com — Cisco Umbrella Rank: 5571 api-na1.hubspot.com — Cisco Umbrella Rank: 26379	24 KB
6	gstatic.com fonts.gstatic.com	117 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5660	306 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4534 forms.hscollectedforms.net — Cisco Umbrella Rank: 4621	26 KB
1	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 30805	2 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4278	1016 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2120	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4841	24 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2148	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2407	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
43	14

	Domain	Requested by
9	service.norvowmobile.ca	service.norvowmobile.ca
8	cdnjs.cloudflare.com	service.norvowmobile.ca cdnjs.cloudflare.com
6	fonts.gstatic.com	fonts.googleapis.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
1	avatars.hubspot.net
1	api-na1.hubspot.com	1 redirects
1	forms.hsforms.com
1	track.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	fonts.googleapis.com	service.norvowmobile.ca
1	js.hs-scripts.com	service.norvowmobile.ca
1	code.jquery.com	service.norvowmobile.ca
43	18

This site contains links to these domains. Also see Links.

Domain
youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
service.norvowmobile.ca E1	`2024-01-18` - `2024-04-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://service.norvowmobile.ca/
Frame ID: 5DA8C4495B2B905CD35F1E9354F51331
Requests: 34 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/23907078/threads/utk/b69c7cda5c664166884537980a434801?uuid=f49b715a7cb34c3599f8a9f963045b9c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=service.norvowmobile.ca&inApp53=false&messagesUtk=b69c7cda5c664166884537980a434801&url=https%3A%2F%2Fservice.norvowmobile.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 4D3E397B4DFB5A9044FE3CF3D9920149
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norvow Mobile

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

14
IPs

2
Countries

1101 kB
Transfer

2218 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://api-na1.hubspot.com/userpreferences/v1/avatar/af1d05a61af8ba5d391de49429ea2230/100 HTTP 307
https://avatars.hubspot.net/af1d05a61af8ba5d391de49429ea2230-100

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
service.norvowmobile.ca/ 6 KB
2 KB 181ms
129ms Document
text/html 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551b14708df05023354aa6096b1ae83bff1dc29e83a13cebc2d0dc7cc2fd2821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 847a3b835995a1ea-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 22:21:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bg3E4g%2FbzA0QrTfX6k2jS%2Bx8qKOCocFcbHYPqlAiDfzJ%2FlouZgponw1gHOjklTZ6OVf4Y9DAiK%2F0K01PwuK0KiyG1wGX%2BnrOlqW1YweojYufBEnV4jMerNOGdnNqsKfUkOwJ2jmfq6xCYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 style.css
service.norvowmobile.ca/ 14 KB
3 KB 59ms
56ms Stylesheet
text/css 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.norvowmobile.ca/style.css

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b8b8010aafc7b57ce17deb44ca6fb943a4b70debdb114b763b82cb763cd7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"376cd08010a33f13ce693a8adb12e92e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXyc%2FpoPELsximoS8C9GwSsR9GccQO16s5F1%2B%2FqQ9XipJBfbiH998TcYzZUBXsqRlKgbVWLwJT7a%2BQY0Cpt39vYhe3T5R0qvPShHFty%2F35Y6qXArmwnbrH%2BwQTyMgcKPyheIFRrhui2moQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 847a3b843ac2a1ea-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 230ms
48ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4286754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R66n7UQH8YQSZwzKetlSnj81J26yh1AEqTioiwHsQfCsXFt6UAhoglci40ZH9IzgUV%2FHjOAXfDsidr%2BUQNOMh6tU8l1w8PUjhjaUFf%2FKkrJWV0%2FZXl6DKJun2AXI5He%2FanF192cP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb25413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 195ms
16ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7161815
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-yyz4558-YYZ
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705616503.609742,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6, 209854

GET
H2 200 typed.min.js Show response
cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.11/ 11 KB
3 KB 208ms
27ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.11/typed.min.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2cdc1f6dea82d7be6a219947193adc1c46532a10ac04195681f6cca53dbac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4194959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3089
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-2de4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnDJj06%2BUNMx4J%2FLOx2q99Jdg88OK5CBm4GRvpc0fmOxQbHPc%2FAwg2mobWp332UYHGOjyXIsUQVRe%2By7r96KLwUp3TP9IpamFohybDYzAQMLQMoHab2i%2FGSr33IAh1mN6lZYiIG8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb85413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 jquery.waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 9 KB
3 KB 207ms
26ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4362913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2417
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-2281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Btx5zXtOFD%2BiOZhs9H1IEOLg8JjZYsMPuaN1OUAaXqP0UST9eDsV5ciZQxmoNpfEdX8eEz%2FTqnWY1UXasOLKTLTToqOTH5e0Ukc0ipPC4Nyz3dHUd4cICjg8G30U8uHhxFEhDCK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb55413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
10 KB 212ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 917849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXGnI8kB1yt4UIY6ibrsH4JSEv4qpGUccZzJjOuyWG%2FCof8uZs2L%2FEa7iMm7dRZFq1Qg43Y6YWR5OtngI264JZMGfm6uH8P1Cv8e0G6FTWmsRJ7s9aB9y6jKiOMQhdDDIxHZ2cFE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb45413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 3 KB
1 KB 211ms
30ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3558400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 845
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-d17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FMwP3sO50M8nSqusK6B%2B7WVkwlxxeb3vCEeLIsi09C8CzI6%2BRoPbOBfSeXYoFw8cCGpTssVXBY8GdyLdInGK93IqrYvzoL1ppxde%2BvAQfLKTDvT7K5TDX3R8G6DzKdgSk00cMjq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb15413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 225ms
45ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1134393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rfII6cQ9YPYicoDS7OLYj6qx9y6wlwaAwbenBdm3NdoLTEBfiPratvzqcJgZ%2Bvb45BBu%2FoN%2BnNRQSPJQM348J3m3m1AwP7n%2FR1PttwcBjvpsg4fqZbBosCoWEeiqPUno0mD06OJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b855bb05413-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 norvow.png
service.norvowmobile.ca/ 21 KB
21 KB 75ms
74ms Image
image/png 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service.norvowmobile.ca/norvow.png

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f3724eb04a61427930ea040fe9de5552bd1a8cff18132efaac9a7c1c3d2da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21545
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "b474ff51bfb084ddaafe3b5c1098210c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R56kmWzIa04J80FQV9sCYEq3BXGuyrd6vO4Bt76sOCOxW5d3tTJ0yHFmzl2vClhnTzfcUbkmJuj8ktE%2Fh1SThyLO7Vq3zCrvfuGklOnz88jz5n%2F8c5%2BIJM8qhrv3T%2BKyZt4oizbwZxAT3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 847a3b843ac5a1ea-YYZ

GET
H2 200 youtube.png
service.norvowmobile.ca/images/ 6 KB
6 KB 67ms
66ms Image
text/html 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service.norvowmobile.ca/images/youtube.png

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSjnjKHiLd485j598nIXdOVhY2oaJvSWjDCpW8oeHMqODBpODquRLV7iT60K8AjlGL3gjZfEo1a3QX2ZHH%2BgnSgnR8hwUB3Jfz5O0FwJNeEdJdKhTWrtcFlX0c3LdMvEb5012b1gJTsDBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 847a3b843ac7a1ea-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 tiktok.png
service.norvowmobile.ca/images/ 6 KB
6 KB 118ms
117ms Image
text/html 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service.norvowmobile.ca/images/tiktok.png

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpSJ%2F6jGXPC6pw1Hl4Dl9liYBuUAR6KXsMlmwRVYkGAmpDFj%2BffQcthfgnZEWFV3pufDmc8bO6y3Kr1sPmT6MVmulKfFYCeTERub5Lbg5AriGFxkaeTCnAoxQSkY0%2BfJhWI41TRHzVCEUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 847a3b855a93a226-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 instagram.png
service.norvowmobile.ca/images/ 6 KB
6 KB 116ms
115ms Image
text/html 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service.norvowmobile.ca/images/instagram.png

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpPbWKLFHQ%2F7B2h6My7IUxwKdqk2iBrIsXgfLtzs4eN8XKDJbOAhrmv7zTEx7sl5M3qsPqffCQf6qo%2FHGZ22XAmegg2HBKbyKqPX%2FUdXA13fI6zPMbR7Wfmn%2BwXcGN1RWqA%2FSQi6YhnElQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 847a3b855a97a226-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
service.norvowmobile.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 21ms
20ms Script
application/javascript 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.norvowmobile.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7rHwRjiG5ltyMS8XsZ5XJh%2BE4dDjh1aY25jGu78qeKL9jUd4LhPr63VI3BzeTsm4Bhoih6aXj%2Fu7yJrTusHj3iZUl0yobja2a1gzFcfgJVPnLv2BoeT38ZzgYM3aQlYELq3Iz6bfcCF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 847a3b861bd3a226-YYZ
expires: Sat, 20 Jan 2024 22:21:42 GMT

GET
H3 200 script.js Show response
service.norvowmobile.ca/ 2 KB
1 KB 79ms
79ms Script
application/javascript 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.norvowmobile.ca/script.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e256dcc11cdf75ac5a9604fda5d212fcc500d28d21abae7bcb061ea245812487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"968df9ab08da0e69c627944f74ddce08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcodAyQQOFT3vKoyytYtC8NKr44SJ1iwdg01449usNKEFUyII23GRX6bN7h0MLuV7rPnhjo02H9igQZ9YNDaV5qTYvETofhpJ%2BbqLo%2FDUjgmxMi2TnF%2BmQCiuhDHya%2BKk6%2BxZ2PLHLAelQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 847a3b861bd8a226-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 23907078.js Show response
js.hs-scripts.com/ 2 KB
1 KB 466ms
424ms Script
application/javascript 104.16.189.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/23907078.js

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.189.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8683eaf381aeeca20e519364e995f2e050b0ee392c0f794071a1683725c9def1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8de6d656-3386-4d86-a9cb-5014bc19a7e4
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8de6d656-3386-4d86-a9cb-5014bc19a7e4
last-modified: Thu, 18 Jan 2024 22:18:02 GMT
server: cloudflare
x-trace: 2B48705E5ABA55422E8F94E2B0CF955C4331738FD5000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://service.norvowmobile.ca
x-evy-trace-virtual-host: all
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-85tft
cf-ray: 847a3b868b9f39fb-YYZ
expires: Thu, 18 Jan 2024 22:23:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 126ms
49ms Stylesheet
text/css 142.251.179.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f95.1e100.net

Software

ESF /

Resource Hash

c80d7404a050728dd0d9dfddf69aa7679eebeae2051ab7e568522a0c57662212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 22:21:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 22:21:42 GMT

GET
H3 200 banner.jpg
service.norvowmobile.ca/ 352 KB
352 KB 90ms
89ms Image
image/jpeg 104.21.91.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service.norvowmobile.ca/banner.jpg

Requested by

Host: service.norvowmobile.ca
URL: https://service.norvowmobile.ca/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.91.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8cf6f98e2f8ce67ef32ed51239f7d881783479dc6f6de2c05c32a202a389beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 360059
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "5f8ab5317ade8d261439c537a2ae15d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZ5SJyhj4P98khkYyig1DSdvCILnqiMxTVdU5PN1AQxPHYb%2FxsCwrbEE0XOrqqpub1KjKhGNq3By0RnrCMtJr%2Fc6XNSVV1FkPPcrzp0eUBqYyzWenUs7dm1QTOglCKA1FiHXsTCg3fflWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 847a3b864c16a226-YYZ

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 113ms
36ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:11:04 GMT
x-content-type-options: nosniff
age: 11438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:11:04 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 53ms
32ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4441794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzxB4XJprPdP3%2BeOnA1qmWFq7yjpOe0zmx%2BV9YCQEQtfoCujlrc2DS%2FHU1%2FILutrpmNJAE2iVCU%2B0YcLzl5153Ex7CmP0Bwau2zt6ehL0R0EMz3txIZAUUXow%2FRgRUsn%2BP8vxYy4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b866c2739d7-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 114ms
39ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 04:28:24 GMT
x-content-type-options: nosniff
age: 64398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 04:28:24 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 140ms
66ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:31:53 GMT
x-content-type-options: nosniff
age: 10189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:31:53 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 149ms
75ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 03:19:01 GMT
x-content-type-options: nosniff
age: 68561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 03:19:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 135ms
61ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:00:38 GMT
x-content-type-options: nosniff
age: 30064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 14:00:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 156ms
83ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Ubuntu:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 17:56:52 GMT
x-content-type-options: nosniff
age: 447890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 17:56:52 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 13 KB
14 KB 56ms
56ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4275021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggceWip9tzQgw0z6UkIK7AZBjBbamvUk%2FdWMZSr8rFlokmwciLX97MTIdkpGIU862WCNmKObb3XeQZV8olMuoIVKRyr2fNaCuux7PmZ3fj%2Bt63iztv7FgilURurA1%2FzHilBf22ri"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847a3b869cac39d7-YYZ
expires: Tue, 07 Jan 2025 22:21:42 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23907078/ 65 KB
21 KB 132ms
88ms Script
text/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23907078/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d216f22460e1ce10cea6e3bb3260f62f11333f30dd596dc052f0a54994f446

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
x-amz-version-id: oezmBluv_Gcnw7G8rYfPOrqfizXTdinK
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: P4PJ2ASGEDBDQF99
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: cdfe8fbd-1352-49b4-83f2-da7af5e89e06
x-envoy-upstream-service-time: 63
x-amz-id-2: Zc0Rb+ZU+NRtzjtnagj9aIk4yuFFIvQvn+oZMVp6FHNY2Rx7K2LZgJEoYE1BPPFtDSKWhUpKues=
x-evy-trace-listener: listener_https
x-request-id: cdfe8fbd-1352-49b4-83f2-da7af5e89e06
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Jan 2024 23:30:48 GMT
server: cloudflare
etag: W/"ac1f80191563151b359c2df505501e3e"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://staging.norvow.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-dk98m
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 847a3b89986336d0-YYZ
expires: Thu, 18 Jan 2024 22:26:43 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 91ms
47ms Script
application/javascript 104.17.90.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.90.154 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.norvowmobile.ca/
Origin: https://service.norvowmobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-encoding: br
age: 87
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=847a396bee413701-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js
date: Thu, 18 Jan 2024 22:21:43 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 59f3f16e-cb77-41e3-a4d5-09d32872bc90
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 59f3f16e-cb77-41e3-a4d5-09d32872bc90
last-modified: Wed, 03 Jan 2024 09:59:36 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-h748p
cf-ray: 847a3b899bb27118-YYZ
x-amz-cf-id: TkdHDGFOcuGOa6dfVugvw_qAqnzwFVr43NmfUMj0qXej0TS_OmVVWw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 84 KB
24 KB 74ms
29ms Script
application/javascript 104.17.251.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.251.168 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
x-amz-version-id: KYDl9V0le_8eNyhqu8y2yzPaUoKjKmsM
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 217
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15030/bundles/project.js&cfRay=847a363b9a153a05-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: b04239be-16e7-4be6-9933-94e141ae3818
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b04239be-16e7-4be6-9933-94e141ae3818
last-modified: Wed, 20 Dec 2023 17:16:05 UTC
server: cloudflare
etag: W/"64e2daa01b1349fee44794df69e776a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-4xgj6
cf-ray: 847a3b899f1b3a00-YYZ
x-amz-cf-id: O0Y2dYEmu97vemm_71DvaslESNn2Fpq_3fDMXA7_l-YfPqSL-9sPuQ==
x-hs-target-asset: conversations-embed/static-1.15030/bundles/project.js

GET
H2 200 23907078.js Show response
js.hs-analytics.net/analytics/1705616400000/ 66 KB
21 KB 145ms
102ms Script
text/javascript 104.16.78.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1705616400000/23907078.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23907078.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.78.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e9f90b0374065014d7f17f57ee3fb2d02aa0da4e450bee0035b5952bffbb112

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XW6H0V7H3Z4GM3DK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a3546fc8-7ce1-4c4d-9ad0-3a9a6d133518
x-envoy-upstream-service-time: 36
x-amz-id-2: jS2pEhHEd13ypX6hyKqAhiV2ccDkUuW+TLRuD3LGJbTx5b+oSBHu05IJy7/u6YiaLk4vCswwfFOPwxP+CHNye/lfyMEBjZNP
x-evy-trace-listener: listener_https
x-request-id: a3546fc8-7ce1-4c4d-9ad0-3a9a6d133518
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 17:16:10 GMT
server: cloudflare
etag: W/"289e27e28ea9f71a169e37f6b024b65e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-8jbvm
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 847a3b899ff138e4-YYZ
expires: Thu, 18 Jan 2024 22:26:43 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 170ms
170ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=23907078&conversations-embed=static-1.15030&mobile=false&messagesUtk=b69c7cda5c664166884537980a434801&traceId=b69c7cda5c664166884537980a434801

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a430e79cf4e43a73359032887fd8685f0624cdb16bff3163a088e293f637c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.norvowmobile.ca/
accept-language: en-CA,en;q=0.9
X-HubSpot-Messages-Uri: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0dbac851-2588-4dbf-86d2-e53085bed8fc
x-envoy-upstream-service-time: 97
content-length: 1388
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0dbac851-2588-4dbf-86d2-e53085bed8fc
server: cloudflare
x-trace: 2B1932C3F8EACF2370BF49ED16281CFDF8EE4DE313000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://service.norvowmobile.ca
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-7mxrv
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSSORsrcXa3Hn9FWoWPsGpPe0bmFtjAi9GpxATtnf3%2Fu01UQ8m0AwC%2FWO0xWZfcb2NoNM4VdFh1P6rXeWkABl44bEs572pWZJogRtXGL%2Ffxfxs5L3AZcOdWW9A9B%2FtCthQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 847a3b8ad94a3905-YYZ
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 130ms
85ms Preflight
text/plain 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://service.norvowmobile.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://service.norvowmobile.ca
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 847a3b8a48223905-YYZ
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 18 Jan 2024 22:21:43 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrUC0GJTJi4mET2p8wMSNdYht8jaqyR1VVbMFZV1qWjTHOgcgKSX%2FsC3nyvgHQuaQH88SanZGF14yz8GgCQmRY0PSUpkICKtiEte0Mfo5tPs6P3jUc832iA%2BviqKNVdt%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-2trhz
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6258a64d-2f37-4421-b704-7fae37ff6732
x-request-id: 6258a64d-2f37-4421-b704-7fae37ff6732
x-trace: 2B071D4B3860053FEA97CF0736451B823C8B02348B000000000000000000

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
438 B 57ms
53ms XHR
application/json 104.17.90.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23907078&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.90.154 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e171e42bc12f651b2f1772564b1e8ba0cfb6ea8239dc856a62998d4d55e2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://service.norvowmobile.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f470841c-063f-4944-aa6b-4d56f2ce73eb
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f470841c-063f-4944-aa6b-4d56f2ce73eb
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://service.norvowmobile.ca
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-dhz6l
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 847a3b8a4d0e7118-YYZ

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 116ms
72ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1472318924&v=1.1&a=23907078&pu=https%3A%2F%2Fservice.norvowmobile.ca%2F&t=Norvow+Mobile&cts=1705616503417&vi=e0d32aa0f0db9b42058cb4f402920914&nc=true&u=234915998.e0d32aa0f0db9b42058cb4f402920914.1705616503413.1705616503413.1705616503413.1&b=234915998.1.1705616503413&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 65e9d98f-5019-42fb-95d5-f76674c3b440
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 65e9d98f-5019-42fb-95d5-f76674c3b440
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azSZj37KTe1Sb9GWqO4NSHreJambiDTyWWR3u7Ep9eaXkBG90CLgGfsM6uIdPtustUk4Km95%2BP7K15p5JxQ73HKJsNsrX2AWtDrvTCz8eQWXfceJi03kW4kgsn1dGZZw56yT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-865d96945d-k44zc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 847a3b8aba45711c-YYZ
x-robots-tag: none

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 112ms
72ms Image
image/gif 104.18.176.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.176.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service.norvowmobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:21:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: abd4d3f0-e9a5-406f-9573-cdaa000ab4e8
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: abd4d3f0-e9a5-406f-9573-cdaa000ab4e8
Server: cloudflare
X-Trace: 2B1CB1384349A81CF29B8B30D7BA1DBA2E2DC229FD000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-547b899f8d-pndnr
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 847a3b8ae8b9a240-YYZ

GET
H2 200 b69c7cda5c664166884537980a434801 Show response
app.hubspot.com/conversations-visitor/23907078/threads/utk/ Frame 4D3E 53 KB
19 KB 408ms
402ms Document
text/html 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/23907078/threads/utk/b69c7cda5c664166884537980a434801?uuid=f49b715a7cb34c3599f8a9f963045b9c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=service.norvowmobile.ca&inApp53=false&messagesUtk=b69c7cda5c664166884537980a434801&url=https%3A%2F%2Fservice.norvowmobile.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84303d826aeaf19df684387b7aafffca15ce11a914bb55c13fb08d904850a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://service.norvowmobile.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: false
age: 3009
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 847a3b8cce63711c-YYZ
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.17482/html/index.html&cfRay=847a3b8cce63711c&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F23907078%2Fthreads%2Futk%2Fb69c7cda5c664166884537980a434801%3Fuuid%3Df49b715a7cb34c3599f8a9f963045b9c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dservice.norvowmobile.ca%26inApp53%3Dfalse%26messagesUtk%3Db69c7cda5c664166884537980a434801%26url%3Dhttps%253A%252F%252Fservice.norvowmobile.ca%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fservice.norvowmobile.ca%2F&cfenv=prod&pdt=2024-01-18&csp=ro
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 22:21:43 GMT
etag: W/"42d71e3fc861480ce15360e948ef69a9"
last-modified: Wed, 20 Dec 2023 17:16:05 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=847a3b8cce63711c&resource=conversations-visitor-ui/static-1.17482/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-amz-cf-id: G4ZZYE-EmgRYvmJZj5B-jhgHOtpqN27HU4H6jQSFFcqInex1FU7WvA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: nQaexJYQXOeUe4sT1jrbLst5Q2XR68Ui
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-j5nfd
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.17482/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 37b8cb82-26f9-4739-8a2c-5ea60a367852
x-request-id: 37b8cb82-26f9-4739-8a2c-5ea60a367852

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame 4D3E 44 KB
17 KB 80ms
38ms Script
application/javascript 104.18.95.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/23907078/threads/utk/b69c7cda5c664166884537980a434801?uuid=f49b715a7cb34c3599f8a9f963045b9c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=service.norvowmobile.ca&inApp53=false&messagesUtk=b69c7cda5c664166884537980a434801&url=https%3A%2F%2Fservice.norvowmobile.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.95.253 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C2
age: 2037704
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=847a3b8faa7da24a-YYZ
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUeVpO4b3N%2FhagxsSHJOuL2ZSLzadvpe6TwwwoKM%2BTfZeaDP8omCYfPEUoTn%2FtmEGaS%2FqVMFM0eG2jHUcwvPG%2FthTvFRnB3mxmdBDPms12Ro299kdJO92ZvgUdcskcN2oo3ifTXvS0c%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 847a3b8faa7da24a-YYZ
x-amz-cf-id: UHzbsRYKPr3GB6JR5UDuGdJOxF9rsRssSAeQooG55X45ot2NWDAkIA==
expires: Fri, 17 Jan 2025 22:21:44 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/ Frame 4D3E 19 KB
4 KB 82ms
40ms Stylesheet
text/css 104.18.95.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.95.253 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
x-amz-version-id: 8JK3Qs8SBE2zTXCiSEFRAiP414rxQpaa
via: 1.1 412b0215b557780a6efcc1651037dc90.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P1
age: 1866676
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=847a3b8faa1339cc-YYZ
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 14:28:10 GMT
server: cloudflare
etag: W/"686ebda4c47b0bdb5d9460221c8036d1"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BypuG0kps%2BkmOPdnrOas5GXetYc1YBa4EgbhMDim%2BPt%2Bh%2FnmeC5CDKVMu%2Bu%2BXizehLn1KTvNbuSPVgOWobAD8%2FF0JxHU69npt0BD9Sm%2B7yJyKpoPAtbxfQVGlsOYLKrIHFsLIq%2BEMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 847a3b8faa1339cc-YYZ
x-amz-cf-id: EcMHvIh2xUsjBoX72EYXYoiPeUie9yYd09LSkW5_r0tTbWW3O6j_3g==
expires: Fri, 17 Jan 2025 22:21:44 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.504/ Frame 4D3E 295 KB
94 KB 65ms
38ms Script
application/javascript 104.18.95.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.504/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.95.253 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b61f5538c3fee3652999b99f2585d0183cc471f66baf66e4ad27a5988b71fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
x-amz-version-id: pLRM47oWyQvFPXnQqB0Xnrdsef_7CtJj
via: 1.1 1469d4976bc2a36b5840519c9e3dbad6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P1
age: 1376163
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=847a3b8faa7ea24a-YYZ
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 22:46:47 GMT
server: cloudflare
etag: W/"a8668c0a3c3eb63a5f8c9c602c061d7c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSw%2FkUg%2FoFMUOfVdMppnB4i4njA96tuPIa%2BvNxilaDdBZljCw3Nk1Dd1Vt4SA%2BvKR40XiLY8D0usLKtYlVwvAor%2FLYbWAxvUtz2h0lvsFFeM8ivJuWQmQX%2FKB1LA2cO%2Be5sucmnvhz8%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 847a3b8faa7ea24a-YYZ
x-amz-cf-id: wWnc2ujMC6z_MOq6eMFUkqdFQKnjkputQdWWl-WCN6_ofRQQGCffAQ==
expires: Fri, 17 Jan 2025 22:21:44 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17482/bundles/ Frame 4D3E 643 KB
190 KB 64ms
39ms Script
application/javascript 104.18.95.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17482/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.95.253 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe23081bb10b4f88ebb5371f5ddeff574f12fe65f181b261a06fbd0f1f6fec6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
x-amz-version-id: E8dY39a7B9kplJwC1wmTljlvnk_7cexN
via: 1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C2
age: 104730
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=847a3b8faa7fa24a-YYZ
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 16:57:14 GMT
server: cloudflare
etag: W/"7d3caf7a6d963525695abb1e99e347e0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM6FGoqa%2F%2BoXv%2FaMTdPMGFRCAq9E%2BNq7V2pmoWB0VIGGgiKP4AF65AjO81uiqjoXlNy4hyxX%2BeEIxxTctLYexAk9dWB%2BqpJUDy6iyhXXjJ5SNsf4U2s0vjmPuhdIaMZPmmE6dq7lxPU%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 847a3b8faa7fa24a-YYZ
x-amz-cf-id: v3wZjVDFQyaDGW_Yovq2OTZKK_NSK5zVDSX3jE6iQmhy6kWYKnwSGg==
expires: Fri, 17 Jan 2025 22:21:44 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17463/ Frame 4D3E 841 B
1 KB 42ms
41ms Script
application/javascript 104.18.95.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17463/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17482/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.95.253 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b750bbe95d0c93af7e1f68971809f76b6ad8da24ede33819de25f73499d22c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
x-amz-version-id: 2PedFzTpXHkp2bsRaGaTobXs2AtcZbb.
via: 1.1 101faeb149b23d8a2ab2e8bae2efec18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P1
age: 269578
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=847a3b910c8ba24a-YYZ
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Dec 2023 18:01:14 GMT
server: cloudflare
etag: W/"7784b0f7a03801645cf88a9f389d710c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xUSiIiSk4atodPnB3s00H90pfxqAnOcHY9kEIbadzkP6JA7Yyxb5YOKxd7EcwVovOGs%2B9u8Haeup4bHNotCXjUGZdUPDjitKsUG8ukzryoRu4fsmFLIfe2WTysfG%2B5%2BksNxrNc3DCA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 847a3b910c8ba24a-YYZ
x-amz-cf-id: MI_MWA4p2QK9P4nVspM2FNK1AN07Iwm1M4rP4e7yHKT5yQ6xY1iPpg==
expires: Fri, 17 Jan 2025 22:21:44 GMT

GET
H2

200

af1d05a61af8ba5d391de49429ea2230-100
avatars.hubspot.net/ Frame 4D3E
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/af1d05a61af8ba5d391de49429ea2230/100
https://avatars.hubspot.net/af1d05a61af8ba5d391de49429ea2230-100

2 KB
2 KB

515ms
59ms

Image
image/webp

104.16.110.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/af1d05a61af8ba5d391de49429ea2230-100
Protocol: H2
Server: 104.16.110.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9c977ceb7e813c38579e9b15d900c98383fb2c44e58d80284eb2b95160d6f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:21:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9S37ADY0MG76JA0T
age: 22430
cf-polished: origFmt=png, origSize=2730
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1830
x-amz-id-2: Hj5hrnkqDaDPtqgPViZTIyXjf5x4AYSrhCnz42tV960UDR0kkPgxD0c1mD+cO30h8qqg/6gY0ySE6plSr7bRJxIJl1lKmEGBsHefkQrPi6I=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Dec 2023 19:54:03 GMT
server: cloudflare
etag: "6434b7ff7e6f6eff99bb8b3c1bfaadcc"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqkx3VPs7WvQIgOlFm7Lms8xJ8GbimQU0O%2B2sebaPSPvXs9RWHhNmrvXlE28U%2Bf76c%2BrxOZg2noH7R87d6odmxqMy0faerDPsDDSjnDCo5pi6vhv3TI5a9sNG8ZJoQ2JjlRKzy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=0
accept-ranges: bytes
cf-ray: 847a3b95a816a1ed-YYZ

Redirect headers

date: Thu, 18 Jan 2024 22:21:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 59ac51fd-e6ae-4560-a809-74e605ba0066
x-envoy-upstream-service-time: 67
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 59ac51fd-e6ae-4560-a809-74e605ba0066
server: cloudflare
x-trace: 2B65810141183BAF03F2C252D96284D08514829067000000000000000000
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DcszxoXAyc5pZOJA3eFxY57hcDtHQmSZ9qZQnN35blZxS%2B%2Bk%2BIXwuf%2B2PjxhgDcZCPOMYJpsQll%2Fs%2FQ0sDgfx0h4%2F5ZkanZw2MYA7HVQelv4vSCI0kRBnLiKNBOCEjo1P%2BeINc%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/af1d05a61af8ba5d391de49429ea2230-100
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-zn7md
access-control-allow-credentials: false
cf-ray: 847a3b920a02711c-YYZ

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 4D3E 0
1 KB 80ms
79ms Ping
text/plain 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17482

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17482/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/conversations-visitor/23907078/threads/utk/b69c7cda5c664166884537980a434801?uuid=f49b715a7cb34c3599f8a9f963045b9c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=service.norvowmobile.ca&inApp53=false&messagesUtk=b69c7cda5c664166884537980a434801&url=https%3A%2F%2Fservice.norvowmobile.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 22:21:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0c7784e0-7b97-4e38-8e9a-80378ce50712
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0c7784e0-7b97-4e38-8e9a-80378ce50712
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJ9Qa4BF1D1dI64eFiXAd%2BUAlrHegivFmv1NHi9W5XqVa2DkFf3Gb7PdQUCJuJSx7ajpnfEB8BHdom0RSdO%2F3tw4u%2FsQk98DTGtpaAi0QIPhLaWcfjJY82IqqQbmsMWSmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-ddr7z
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 847a3b920a0c711c-YYZ
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Dpl-Correlation-Group-Id, X-HubSpot-Dpl-Parent-Log-Id
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service.norvowmobile.ca/	1970-01-20 22:06:08	Name: __hstc Value: 234915998.e0d32aa0f0db9b42058cb4f402920914.1705616503413.1705616503413.1705616503413.1
service.norvowmobile.ca/	1970-01-20 22:06:08	Name: hubspotutk Value: e0d32aa0f0db9b42058cb4f402920914
service.norvowmobile.ca/	1969-12-31 23:59:59	Name: __hssrc Value: 1
service.norvowmobile.ca/	1970-01-20 17:46:58	Name: __hssc Value: 234915998.1.1705616503413
.hubspot.com/	1970-01-20 17:46:58	Name: __cf_bm Value: 3XH6WtZ0iDBOZPNKCDWLe8pwDgBK2UpWLPwwzShs_xI-1705616503-1-ASCZMUKjIFExzImdVZaysMNXfUE2zNYaoiLP+uM63Yc619cVfcEs1fiweqKrV0xJaURpGXJSoXwdUD5U+adrCFI=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: QpDIeVhcy42wEuMryBA2ADMrzNaVCk5vWZ9kb4YzhIQ-1705616503526-0-604800000
.service.norvowmobile.ca/	1970-01-20 22:06:08	Name: messagesUtk Value: b69c7cda5c664166884537980a434801

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-na1.hubspot.com
api.hubspot.com
app.hubspot.com
avatars.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.usemessages.com
service.norvowmobile.ca
static.hsappstatic.net
track.hubspot.com
104.16.110.209
104.16.189.89
104.16.78.186
104.17.25.14
104.17.251.168
104.17.90.154
104.18.176.125
104.18.95.253
104.19.155.83
104.21.91.249
142.251.111.94
142.251.179.95
151.101.66.137
172.64.153.27
08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6
0e9f90b0374065014d7f17f57ee3fb2d02aa0da4e450bee0035b5952bffbb112
13d216f22460e1ce10cea6e3bb3260f62f11333f30dd596dc052f0a54994f446
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2e171e42bc12f651b2f1772564b1e8ba0cfb6ea8239dc856a62998d4d55e2dcf
3f9c977ceb7e813c38579e9b15d900c98383fb2c44e58d80284eb2b95160d6f3
405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
551b14708df05023354aa6096b1ae83bff1dc29e83a13cebc2d0dc7cc2fd2821
5b61f5538c3fee3652999b99f2585d0183cc471f66baf66e4ad27a5988b71fd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
77f3724eb04a61427930ea040fe9de5552bd1a8cff18132efaac9a7c1c3d2da0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8683eaf381aeeca20e519364e995f2e050b0ee392c0f794071a1683725c9def1
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
9a430e79cf4e43a73359032887fd8685f0624cdb16bff3163a088e293f637c92
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
b750bbe95d0c93af7e1f68971809f76b6ad8da24ede33819de25f73499d22c5d
c4b8b8010aafc7b57ce17deb44ca6fb943a4b70debdb114b763b82cb763cd7a4
c80d7404a050728dd0d9dfddf69aa7679eebeae2051ab7e568522a0c57662212
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e256dcc11cdf75ac5a9604fda5d212fcc500d28d21abae7bcb061ea245812487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84303d826aeaf19df684387b7aafffca15ce11a914bb55c13fb08d904850a51
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8cf6f98e2f8ce67ef32ed51239f7d881783479dc6f6de2c05c32a202a389beb
fa2cdc1f6dea82d7be6a219947193adc1c46532a10ac04195681f6cca53dbac3
fe23081bb10b4f88ebb5371f5ddeff574f12fe65f181b261a06fbd0f1f6fec6f

service.norvowmobile.ca Open in urlscan Pro 104.21.91.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

0 %IPv6

14 Domains

18 Subdomains

14 IPs

2 Countries

1101 kBTransfer

2218 kBSize

7 Cookies

2 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

service.norvowmobile.ca Open in urlscan Pro
104.21.91.249 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

14
IPs

2
Countries

1101 kB
Transfer

2218 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions