urlscan.io logo urlscan.io
SecurityTrails logo

portal.medicial.no Open in urlscan Pro
79.160.234.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043
Effective URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Submission: On May 06 via manual from SE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 25 HTTP transactions. The main IP is 79.160.234.76, located in Stavanger, Norway and belongs to ALTIBOX_AS Norway, NO. The main domain is portal.medicial.no.
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.
This is the only time portal.medicial.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2001:41d0:203:9a4f:980e:8865:4182:11e6 (France)

ASN16276 (OVH, FR)
clearlyenlight.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    3.12.8.128 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-8-128.us-east-2.compute.amazonaws.com
cnecco.com
1    3.23.196.136 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-196-136.us-east-2.compute.amazonaws.com
bemediaor.com
15    79.160.234.76 (Stavanger, Norway)

ASN29695 (ALTIBOX_AS Norway, NO)
PTR: 79.160.234.76.static.lyse.net
portal.medicial.no
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 medicial.no
portal.medicial.no
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
2 gstatic.com
fonts.gstatic.com
66 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
171 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 bemediaor.com
bemediaor.com
383 B
1 cnecco.com
cnecco.com
445 B
1 clearlyenlight.com
clearlyenlight.com
898 B
25 8
Domain Requested by
15 portal.medicial.no portal.medicial.no
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com clearlyenlight.com
www.googletagmanager.com
1 fonts.googleapis.com portal.medicial.no
1 bemediaor.com 1 redirects
1 cnecco.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 clearlyenlight.com
25 9

This site contains no links.

Subject Issuer Validity Valid
clearlyenlight.com
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
portal.medicial.no
R3		 2024-04-07 -
2024-07-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portal.medicial.no/dvit23orm/?aff-id=422872
Frame ID: 3289DE0DC1768FF6B3AE3D628895FC7C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Medicial D-vitamin

Page URL History Show full URLs

  1. https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043 Page URL
  2. https://cnecco.com/click.track?CID=465918&AFID=468975&SID=ADS HTTP 302
    https://bemediaor.com/click.track?CID=465592&AFID=422872&AffiliateReferenceID=05_180176136_efe9fa2... HTTP 302
    https://portal.medicial.no/dvit23orm/?aff-id=422872 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

2311 kB
Transfer

2704 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043 Page URL
  2. https://cnecco.com/click.track?CID=465918&AFID=468975&SID=ADS HTTP 302
    https://bemediaor.com/click.track?CID=465592&AFID=422872&AffiliateReferenceID=05_180176136_efe9fa25-6c0b-466a-bc45-82d153366d97&SID=468975 HTTP 302
    https://portal.medicial.no/dvit23orm/?aff-id=422872 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://clearlyenlight.com/style/images/bimi.ico HTTP 302
  • https://clearlyenlight.com/fr/style/images/bimi_ico

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.php
clearlyenlight.com/ 		2 KB
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9a4f:980e:8865:4182:11e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89c2b2f39fa2342fab7b61a542cc925803d519d740a190b6b1cb809e2e9760a7

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 May 2024 18:14:36 GMT
server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153633782-1
Requested by
Host: clearlyenlight.com
URL: https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
887aa505e4755bbdf30823e81509fb44246931a615152163a6b107c6a67df695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clearlyenlight.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74801
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 May 2024 18:14:37 GMT
js
www.googletagmanager.com/gtag/ 		292 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W8ZJSFSEVF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153633782-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
161b628b5a81926bbd3a91e93e5cfba0e7a1088820d8baa7d395707dd1b35d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clearlyenlight.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 May 2024 18:14:37 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153633782-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clearlyenlight.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 May 2024 17:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2014
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 06 May 2024 19:41:03 GMT
collect
region1.google-analytics.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W8ZJSFSEVF&gtm=45je4510v9111393022za200&_p=1715019276916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1891614819.1715019277&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715019277&sct=1&seg=0&dl=https%3A%2F%2Fclearlyenlight.com%2Findex.php%3Fc%3D2777%26t%3D28691%26e%3D26043&dt=Loading...%20%2F%20clearlyenlight.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=784
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8ZJSFSEVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clearlyenlight.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 18:14:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clearlyenlight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=84615966&t=pageview&_s=1&dl=https%3A%2F%2Fclearlyenlight.com%2Findex.php%3Fc%3D2777%26t%3D28691%26e%3D26043&ul=fr-fr&de=UTF-8&dt=Loading...%20%2F%20clearlyenlight.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2056631050&gjid=1285243237&cid=1891614819.1715019277&tid=UA-153633782-1&_gid=2114549249.1715019277&_r=1&gtm=457e4510za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=181188631
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://clearlyenlight.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 May 2024 18:14:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clearlyenlight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bimi_ico
clearlyenlight.com/fr/style/images/
Redirect Chain
  • https://clearlyenlight.com/style/images/bimi.ico
  • https://clearlyenlight.com/fr/style/images/bimi_ico
0
0
Primary Request /
portal.medicial.no/dvit23orm/
Redirect Chain
  • https://cnecco.com/click.track?CID=465918&AFID=468975&SID=ADS
  • https://bemediaor.com/click.track?CID=465592&AFID=422872&AffiliateReferenceID=05_180176136_efe9fa25-6c0b-466a-bc45-82d153366d97&SID=468975
  • https://portal.medicial.no/dvit23orm/?aff-id=422872
11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
35864cd2ac09a14551b22f3e745d00d11fe69e29bbb51e9e658304f2399c45b8

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://clearlyenlight.com/index.php?c=2777&t=28691&e=26043
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-length
11689
content-type
text/html
date
Mon, 06 May 2024 18:14:39 GMT
server
Microsoft-IIS/10.0

Redirect headers

access-control-allow-origin
*
cache-control
private
content-length
168
content-type
text/html; charset=utf-8
date
Mon, 06 May 2024 18:14:38 GMT
location
https://portal.medicial.no/dvit23orm/?aff-id=422872
p3p
policyref="/p3p/P3P.bemediaor.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
bootstrap.min.css
portal.medicial.no/dvit23orm/assets/bootstrap/css/ 		152 KB
152 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
df10434082e8975fdd54cc5ae25af6b1b5c3d727545bfa705d3020e8efe51843

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"bdf24a512e1d91:0"
content-length
155590
content-type
text/css
bootstrap-grid.min.css
portal.medicial.no/dvit23orm/assets/bootstrap/css/ 		50 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d6ff3ab96f11402936c592b12be8923d65e855578b5ad831fa8e6e3e825a2282

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"e8fd62512e1d91:0"
content-length
51457
content-type
text/css
bootstrap-reboot.min.css
portal.medicial.no/dvit23orm/assets/bootstrap/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d719b96b854f711f490a090cd89bc3e178999c6d15e6b86f6453ae4280cbbfb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"dd75e512e1d91:0"
content-length
4623
content-type
text/css
animate.css
portal.medicial.no/dvit23orm/assets/animatecss/ 		97 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/animatecss/animate.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
2500feeabee60bbc29ad9a16cdad209b910ef2835220db7270aa08c2821d100b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"a8a134512e1d91:0"
content-length
99437
content-type
text/css
style.css
portal.medicial.no/dvit23orm/assets/theme/css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/theme/css/style.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
84ef0da94d19ded209dc04d8fc2b9ef191b79200c2199121d04518992fbb48d4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:06 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"a5ebf4512e1d91:0"
content-length
14855
content-type
text/css
css
fonts.googleapis.com/ 		43 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter+Tight:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25d42113bc9e937358973b94485c036e0edb7c52c9c9d8cfced45da1e70195b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 May 2024 18:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 May 2024 18:12:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 May 2024 18:14:39 GMT
mbr-additional.css
portal.medicial.no/dvit23orm/assets/mobirise/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/mobirise/css/mbr-additional.css
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d18ec8e66b3bdfbf7857d5560a5671b4b57261016c1e9b2201f023a5f8d0e5ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:06 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8b7ced512e1d91:0"
content-length
21538
content-type
text/css
jquery-3.7.0.min.js
portal.medicial.no/dvit23orm/assets/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/dvit23orm/assets/jquery-3.7.0.min.js
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"35c73b512e1d91:0"
content-length
87462
content-type
application/javascript
Promedica-Vitamin-D3.png
portal.medicial.no/dvit23orm/assets/images/ 		835 KB
836 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets/images/Promedica-Vitamin-D3.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
af57c7b026dbd255d20be1f0d37ae6ccffc6486353ba5a992dfd8425ca4f1497

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"b34b99512e1d91:0"
content-length
855422
content-type
image/png
Vitamin-D3.png
portal.medicial.no/dvit23orm/assets/images/ 		702 KB
703 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets/images/Vitamin-D3.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
13b86a067768af4a8dadc622d13812e9d3b338365523178b4c7d4644d355924f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8ae96e512e1d91:0"
content-length
718966
content-type
image/png
phone.png
portal.medicial.no/dvit23orm/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets/images/phone.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
8f15e3e7f4c3f827bf51b8687ba75c07af08b765d83d72ddeb497d991877b70c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:05 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"2bd583512e1d91:0"
content-length
10118
content-type
image/png
mail.png
portal.medicial.no/dvit23orm/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets/images/mail.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
759f3ed86881ca780521bd69079e13da38efd3928bc55ac7e4c5c0dc882b1473

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:06 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"6af1b5512e1d91:0"
content-length
6563
content-type
image/png
border2.png
portal.medicial.no/dvit23orm/assets/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets/images/border2.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
9780ebcd850ab8ac503f340b7db534a6c37eb8a6769018f59ef25d3d3128b704

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:06 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"7dbad9512e1d91:0"
content-length
12561
content-type
image/png
border3.png
portal.medicial.no/dvit23orm/assets//images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.medicial.no/dvit23orm/assets//images/border3.png
Requested by
Host: portal.medicial.no
URL: https://portal.medicial.no/dvit23orm/?aff-id=422872
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
4e30f8d87f3272857c64a8243a5a3dba95f916661cc3b6d29b3bc00c3007782e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
last-modified
Wed, 06 Sep 2023 20:40:06 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"93c3d5512e1d91:0"
content-length
44751
content-type
image/png
NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v7/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter+Tight:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://portal.medicial.no
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 00:34:13 GMT
x-content-type-options
nosniff
age
236426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:57:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 00:34:13 GMT
NGSwv5HMAFg6IuGlBNMjxLsE8ah8QA.woff2
fonts.gstatic.com/s/intertight/v7/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSwv5HMAFg6IuGlBNMjxLsE8ah8QA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter+Tight:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a19a0179d31934dc2c9ffcdcd988ca8608123e7eb9542a89857f238c955447f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://portal.medicial.no
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:58:06 GMT
x-content-type-options
nosniff
age
555393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22212
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:58:06 GMT
favicon.ico
portal.medicial.no/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.medicial.no/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.160.234.76 Stavanger, Norway, ASN29695 (ALTIBOX_AS Norway, NO),
Reverse DNS
79.160.234.76.static.lyse.net
Software
Microsoft-IIS/10.0 /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.medicial.no/dvit23orm/?aff-id=422872
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:14:39 GMT
server
Microsoft-IIS/10.0
content-length
1245
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clearlyenlight.com
URL
https://clearlyenlight.com/fr/style/images/bimi_ico

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

7 Cookies

Domain/Path Name / Value
.clearlyenlight.com/ Name: _ga
Value: GA1.2.1891614819.1715019277
.clearlyenlight.com/ Name: _gid
Value: GA1.2.2114549249.1715019277
.clearlyenlight.com/ Name: _gat_gtag_UA_153633782_1
Value: 1
cnecco.com/ Name: LTTC6_465918
Value: 05_180176136_efe9fa25-6c0b-466a-bc45-82d153366d97
bemediaor.com/ Name: LTTC6_465592
Value: 05_180176147_d624d728-d277-49d4-a7f0-d659615a8240
portal.medicial.no/ Name: ASPSESSIONIDQEDABQRR
Value: KBNJPOIAJBJHMPBAHJMLMAGE
.clearlyenlight.com/ Name: _ga_W8ZJSFSEVF
Value: GS1.1.1715019277.1.0.1715019279.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://portal.medicial.no/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bemediaor.com
clearlyenlight.com
cnecco.com
fonts.googleapis.com
fonts.gstatic.com
portal.medicial.no
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
clearlyenlight.com
2001:41d0:203:9a4f:980e:8865:4182:11e6
2001:4860:4802:32::36
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
3.12.8.128
3.23.196.136
79.160.234.76
13b86a067768af4a8dadc622d13812e9d3b338365523178b4c7d4644d355924f
161b628b5a81926bbd3a91e93e5cfba0e7a1088820d8baa7d395707dd1b35d7d
2500feeabee60bbc29ad9a16cdad209b910ef2835220db7270aa08c2821d100b
25d42113bc9e937358973b94485c036e0edb7c52c9c9d8cfced45da1e70195b0
35864cd2ac09a14551b22f3e745d00d11fe69e29bbb51e9e658304f2399c45b8
4e30f8d87f3272857c64a8243a5a3dba95f916661cc3b6d29b3bc00c3007782e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
759f3ed86881ca780521bd69079e13da38efd3928bc55ac7e4c5c0dc882b1473
84ef0da94d19ded209dc04d8fc2b9ef191b79200c2199121d04518992fbb48d4
887aa505e4755bbdf30823e81509fb44246931a615152163a6b107c6a67df695
89c2b2f39fa2342fab7b61a542cc925803d519d740a190b6b1cb809e2e9760a7
8f15e3e7f4c3f827bf51b8687ba75c07af08b765d83d72ddeb497d991877b70c
9780ebcd850ab8ac503f340b7db534a6c37eb8a6769018f59ef25d3d3128b704
a19a0179d31934dc2c9ffcdcd988ca8608123e7eb9542a89857f238c955447f7
af57c7b026dbd255d20be1f0d37ae6ccffc6486353ba5a992dfd8425ca4f1497
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
d18ec8e66b3bdfbf7857d5560a5671b4b57261016c1e9b2201f023a5f8d0e5ae
d6ff3ab96f11402936c592b12be8923d65e855578b5ad831fa8e6e3e825a2282
d719b96b854f711f490a090cd89bc3e178999c6d15e6b86f6453ae4280cbbfb3
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df10434082e8975fdd54cc5ae25af6b1b5c3d727545bfa705d3020e8efe51843
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855