care.normanmd.com Open in urlscan Pro
2606:4700:3030::6815:30c7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.de.m.mimecastprotect.com/s/wvBbCpZ4J8cqy2wyiPz4uj?domain=care.normanmd.com
Effective URL:
https://care.normanmd.com/en/
Submission: On July 15 via api (July 15th 2024, 9:27:16 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3030::6815:30c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is care.normanmd.com.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time care.normanmd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	51.163.159.16 51.163.159.16	39588 (MIMECAST-DE) (MIMECAST-DE)
29	2606:4700:303... 2606:4700:3030::6815:30c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
13	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
49	7

2 51.163.159.16 (United Kingdom) 2 redirects

ASN39588 (MIMECAST-DE, GB)

url.de.m.mimecastprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3030::6815:30c7 (United States)

ASN13335 (CLOUDFLARENET, US)

care.normanmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	normanmd.com care.normanmd.com	2 MB
14	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	237 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	107 KB
2	mimecastprotect.com 2 redirects url.de.m.mimecastprotect.com — Cisco Umbrella Rank: 286795	2 KB
1	gstatic.com fonts.gstatic.com	126 KB
49	6

	Domain	Requested by
29	care.normanmd.com	care.normanmd.com
13	use.typekit.net	ajax.googleapis.com care.normanmd.com
2	www.googletagmanager.com	care.normanmd.com
2	fonts.googleapis.com	care.normanmd.com ajax.googleapis.com
2	url.de.m.mimecastprotect.com	2 redirects
1	p.typekit.net	care.normanmd.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	care.normanmd.com
49	8

This site contains no links.

Subject Issuer	Validity	Valid
normanmd.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://care.normanmd.com/en/
Frame ID: F74E212CB643DC2E53728DA851AC06D1
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NormanMD Telemedicine

Page URL History Show full URLs

https://url.de.m.mimecastprotect.com/s/wvBbCpZ4J8cqy2wyiPz4uj?domain=care.normanmd.com HTTP 307
https://url.de.m.mimecastprotect.com/r/Olc4QQQ7diTRqRs9kT5tjxRTsS6JqqlUHsZHuIXA6xjnhc5PJFLB53OQAHg4sniWZOR2KFU7XS... HTTP 307
https://care.normanmd.com/en/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

2489 kB
Transfer

11929 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.de.m.mimecastprotect.com/s/wvBbCpZ4J8cqy2wyiPz4uj?domain=care.normanmd.com HTTP 307
https://url.de.m.mimecastprotect.com/r/Olc4QQQ7diTRqRs9kT5tjxRTsS6JqqlUHsZHuIXA6xjnhc5PJFLB53OQAHg4sniWZOR2KFU7XSf-nAMsoPLYI_vKzUcuxJr-pejjSp084NwrrGRxUZwvphOQO_g5-uwt8-_nIyuJLcey4qnPef93ORae3XudkT6kaFYdYLEqvAob82-B-CAWtn_CP8UvPqXPffF6y-EDYwnZIkJW0VCKKmwUYH510yKtHeSOVjgsubXLa3gjaLLCBeGaYIkKrDtPYYbmY5kmyuHWpX4j25HakdTXFiEnX7TN4iMZ9oV9w4JZGaon2F_YvkpdfPi_z-3rP-PSFCHCw98vD9xzXoOr2DMjx7i-yGzGqVLmYh6sxYbme8TDLtIO-8APS70PLhOtUr-i34Yx32196FhbAV1TgA8W7uBQDcBtSVsVXuQNJYqYzbsKQvmZ1MoWjPRYI4fkljoI6phTJQEXR12esOhF2ubLPZJKyzlbdmzZMN1SlWt2GwPCBgH8Ih_hjyaSL1BGTTbbQKT9hWFQ9HXGiOYg9K1tTUCkzDATBlRVlQ1erRya5mEBDmhX-A61ilPkC8WxtbIrLJjHUckg1eJ-991SHTlRQNmEAYKqGA4Y_BFCKth6G26Ryi5H_dNYdEz_Daf1BLx_pPBituH1h2aJMuBlG_nVf9SmUsJHjHkRjYv5iI6jekmnpsxDS5UIA7uBVdooYFvcz1bQ3uFmVxp9A-0o2WZJSP-c9eH8Oe4-dUK03pEnkdkmJ5YE7DdjaGpyntnyArrTjX8Nm0PLGvLR_P667oEZkLqh9FHI5SszuZVaIxIo_DuZYdxHNodfFUcZ83p_mb4OwlXYM6LyqJaJA72GsmbRMSY3TtV4AiigiT6pbvd9LqwjQ2r_CIhN-rmtZtzfIkJrrJN4GBXCpDDWShEmnHlzPzBugEmbFxtTx8xi-ypV0HBmUBLNfTPjcjTPQKYXoB0ZcELu5zr3nVPJBulqyZQGBPSyUr9qTmu46ajXiwbNIl3_Okfe6XHtOKaG49HgtL0aa3tQle0pXBSiPzJaHz4hx1lXpmt61_MtYyyjHOlyAZIm8LVxvXOVer5PPxMfZ5n2iM8i-ivBlStO-vuFvxz7BuUMr8fZiiUFjnnPZ3-iZHqiDPOB-zhQUMEmngPO_59TWhJgU7iVJv-uir4bMtnqXVXFeyoXALrU5pvhVTL44Q4KkDviVvy_qPrEm3dJwGY4DGt5_LmTiib1anAsAuWgYKnVdiS6BfVv_C5RSFYuFRRuEXQAY-26DvyDnE_WFSsHp6SFWV2HRXggmvy7RccWDyUcuvmVPghTnOhLXEMZcr64Hy9Eu0Zaw9-1mpfFj83QZf7bry4WC3wnfopkwl-fOO5nKK5mKtA4-aTACcS07_0bkINCHROhkG8g4thurSL77Y_4qOF5SDPZPcP3N29OtQO9RZnfg2N0dDzZnwHJuXwkBwO2B7gjNmZ_OipdXnqg1v9u82Aa897gQazXMTjnX4CAGeVFvF4dYsafJrN21_TbEdaJdt4Cw0R_1-HSvsA3r8VOZw8XZCfyy8m33H6bda-2qvPIepPQUPiinvnDWxT56T8ira5NAGWCplGVpSDN6eG3Z5ek4U7ypZvtJFBSHFfzbMLWHhbn1DaJK4uYKdcVvly5GQBM_fxkqycK3-gBoii2cIsw49T-3mGON9JuIhNY3-IefhqJxDWMaOf8_XHwC6IcpMjsUrzPAQWSB3v_pFTZ0tzz__39Z83N_DDSqMQc1RwXHa3qZ5NODy1DOr6GgnIXHeogGiJvniaxXY0RWJhDj9o-VQe4iEueMZDPsgm6PIJ1VudwfBVId8oaX631BbiLGdEeVaKtTgfN HTTP 307
https://care.normanmd.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
care.normanmd.com/en/
Redirect Chain

https://url.de.m.mimecastprotect.com/s/wvBbCpZ4J8cqy2wyiPz4uj?domain=care.normanmd.com
https://url.de.m.mimecastprotect.com/r/Olc4QQQ7diTRqRs9kT5tjxRTsS6JqqlUHsZHuIXA6xjnhc5PJFLB53OQAHg4sniWZOR2KFU7XSf-nAMsoPLYI_vKzUcuxJr-pejjSp084NwrrGRxUZwvphOQO_g5-uwt8-_nIyuJLcey4qnPef93ORae3XudkT...
https://care.normanmd.com/en/

10 KB
3 KB

681ms
549ms

Document
text/html

2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797fbbb441e00b72d3f44375fb24a81e42f7eef43c9ecfed9ac93faf95d68a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a3cd5aa7ec05d4d-FRA
content-encoding: br
content-type: text/html
date: Mon, 15 Jul 2024 21:27:07 GMT
last-modified: Tue, 11 Jun 2024 20:43:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sX9el3pNp9Bxgcu1wehIzvJHcgKoZGZPxmA9uymRrYQ9mgQ6R9apcar8Hp6a4f4XOInjksP29xP%2FB2yOQEGS8lkaxk6EOmhwxfqZr0NVRktQBfMrfVcmNNf6fzL12UngMdkooFP3sCrvuka8kYWzqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: Sameorigin

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Jul 2024 21:27:06 GMT
Location: https://care.normanmd.com/en/#/newpatient?token2=656d719a-636b-4375-97fc-0bd5ea2eb2ab&email=CONNIEAMISH%40GAMESTOP.COM&phone=9728399147
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 157ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 21:27:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 21:27:07 GMT

GET
H2 200 ngbootstrap-datepicker.css
care.normanmd.com/en/assets/scss/ 5 KB
2 KB 171ms
167ms Stylesheet
text/css 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/scss/ngbootstrap-datepicker.css

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe90c96ce173a9cab1ead4805ebcc5e199d20a5e0d39827bb44981732dc732f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1337
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Izy196TajybOIUC0mamytpBY2iRhXeV7OYp9B9ITv5pt%2BYFv3zVI8xlbyBioaBraUc%2BYf1nce3MsECO%2F9xNVoBQVvYShBUZ6HADuBF3%2BdbCRsRoeReGRCE7imokjuTtdIFhS7ZBvnfBnnmImLCFJow%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b6d5d4d-FRA

GET
H2 404 fm.js
care.normanmd.com/en/assets/js/Scripts/ 0
0 536ms
532ms Script
text/html 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/fm.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KncMK%2BtOuDMdosXd8aYJGJ88i4l1km0fxzrkyJpBanTh2CclEZh8bPMnC4G%2BFwpF3swkk5hxQ%2F11nDPosSjefkQquc4f2Mxzd%2FjboviSC%2BJXZkjEu2%2BlzgYltFt1GdhOxAEyOgRWvDnG2nQ3aM2wog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8a3cd5ae2b755d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 fm.websync.js
care.normanmd.com/en/assets/js/Scripts/ 0
0 545ms
541ms Script
text/html 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/fm.websync.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abZ1hecsLsGahtkPchTCitSWpbBawcoLvnXashjmNHT28c8%2F%2B6V9qWWlH%2BTH4q3SFLX3N0VDHAAx8OqEzgboHK9lD8JaW1PqkOHDL6VIRyTcalu1Y9V7lIBn%2FZp1pI67G5LDoFMlk%2FMYiCkdH11iRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8a3cd5ae2b795d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 fm.websync.subscribers.js
care.normanmd.com/en/assets/js/Scripts/ 0
0 572ms
569ms Script
text/html 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/fm.websync.subscribers.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LL4WVb82xIzJEZveJgnu6RcpVVNBZvr6DYvfODpsjmv2QIW7F%2FRirlonCA%2FXFf6HC6OLmGPB9vpIZcQfWH%2F8ISDk2VgHhkGFr8fqXQkV%2Bcu6meA%2FEOPneQ6JyKq0a%2F1NFAVBZNP4a9fT8g8bbTzRnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8a3cd5ae2b7b5d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 fm.websync.chat.js
care.normanmd.com/en/assets/js/Scripts/ 0
0 545ms
541ms Script
text/html 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/fm.websync.chat.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdrUnTXeWL1PSNEts5eowtGUG1svqTCjMGWJWV%2BdeFVtnwMduxYuzaTcidRyqJjt1SpgJf50IRObuWfxFkpRK1OxLEUXvpsoL9jUjk%2FJ5%2BVbGwzCrwNa1NaFainkkUyZ7JVUDHNF7ZJ5keM%2BDclFlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8a3cd5ae2b805d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 PatientStartVisit.js Show response
care.normanmd.com/en/assets/js/Scripts/ 20 KB
4 KB 558ms
555ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/PatientStartVisit.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e6a511f928128c98480e756e08d5a3040b1b98d8388e7e54ae9041892b35c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 4029
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Bzly%2FgtUKM8pF4T0swtjLnUFFn6%2B%2FnXh6A69H%2BBrmsAlWoGO%2BQQLSU1p4tkwzqkDAQX1YKsqZ3jRDn5SBmSlnnGU74GCQECFcowNy9ArSgbXfchoEKU1pKvmMs3CbjKGX6T%2BauFwhgSLQV9iY%2Bm4w%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b825d4d-FRA

GET
H2 200 Provider.js Show response
care.normanmd.com/en/assets/js/Scripts/ 23 KB
5 KB 555ms
553ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/Provider.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fd4932f7eb1934cffdbbfef3beab2ef2c1af47978c4a6b302edb64e6f74347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 4565
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxffK%2B4sV8nwHvgcZ1uPN60eqic84a%2Fx41Hw1vAFHdEiMoSq5vdXSFBMX0sIgn7YIDaLWWNh7URqCWtCXW7KH8KOp%2BLbBVIPdREj3fsDahUwTmvQmQWOp%2FlhBsu%2B31sLCnWYhjS2ynBGesQ2ipSFCA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b835d4d-FRA

GET
H2 200 fm.liveswitch.js Show response
care.normanmd.com/en/assets/js/Scripts/ 7 MB
953 KB 716ms
713ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/fm.liveswitch.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e563c706ed291b9ed34d2616cf22589ad9620379cbe2e20438ae980bbf4faa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WMEyBqvQlUFb3qaM8cZzsBousPuRwSMtJByXz62LRi1ZnTvZO1HDDNdxihI%2F0t1UN%2BayvtrvXGFJnDGJ7RzSLiGTTxxCZCCOkjpGsgpqiRnA59IiYpip1%2FgMciBIAOOoidnya4GG%2B9DxRHmyAtb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b855d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 LSPatientStartVisit.js Show response
care.normanmd.com/en/assets/js/Scripts/ 21 KB
6 KB 550ms
547ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/LSPatientStartVisit.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b3381785f05dbb7a39f5c6ffcfa20561529977e252b618be72295fc2079308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 5611
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXn7eiQqlFApRfh9%2BuUzm3DTfOP6baOKl3XJUnDqiM3T%2B%2BmqhhfZggip2DwZQZFLQETMqfCUB33gNl7tYThXGrintOb6y0ItKr386qjG7qmJYxoNxPt98g9O6fwPS50nd3YT6CL4WLg9FE1GT%2BUaZA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b875d4d-FRA

GET
H2 200 LSProvider.js Show response
care.normanmd.com/en/assets/js/Scripts/ 28 KB
7 KB 568ms
566ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/LSProvider.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b8615b953bb6729c8e5267a89689369cbda1b1f6b10512ae402f67a488427e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 6663
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0DCwgguUMeGRWg2xvHEvl%2BCDYYDP9J1W0bqLSEi8L96507uEvENRz%2B4FsZY5TcShByhbpUPOWQFKHboHcmY6IcxezUA%2BlXrc%2Bi93SeyVHSUiqhJ3LRURDdb6X92xG3LBePKcA8zwE7ICTo3bZwtKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae3b8c5d4d-FRA

GET
H2 200 LSSharedScript.js Show response
care.normanmd.com/en/assets/js/Scripts/ 6 KB
3 KB 565ms
563ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/LSSharedScript.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c783c4e809ebe288f25426ee38e8c98006970eb41d62826f71e864535b9aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 2382
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3rUHzKYkOvamhGLzIMdYT2uoVnINDIyXEupyK7XYO%2BJkKxKBvhtuH9eYiH1y9DgTJsKyBBOP2vixSaa3E5E1KIkucSVFuHpBsKHZZTY9DMUAwaQX%2FLUxcRifjbFW2FMVnuMBDYjZAU9%2Be3TgMDgAg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae3b8e5d4d-FRA

GET
H2 200 jquery-3.5.1.min.js Show response
care.normanmd.com/en/assets/js/Scripts/ 105 KB
43 KB 702ms
700ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/assets/js/Scripts/jquery-3.5.1.min.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14fedb173a6ea1528f67f5beda6f479c32db98728cc998ac22087f27368b849f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 43507
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "fb5d040bcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzyy9HXO%2BxHe%2BfjU%2B%2BCwab1BzcW6xPUUkusPQdSLGf0y0sGYuTAZvtfVWt1MyMrTPZkBpH5J77xJJCZu7tBPXIl9DaIuLqRgn1DSI%2BzEOwoQIYyL0akhTq4ZVw0pJC0P%2Fk%2BkC46kqIzt8xZROKt6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae3b925d4d-FRA

GET
H2 200 styles.4c09c18e9fdc6d775277.css
care.normanmd.com/en/ 76 KB
16 KB 541ms
539ms Stylesheet
text/css 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/styles.4c09c18e9fdc6d775277.css

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338f33ea39153de0317cc5c257760faa3b9119e5f693cc8ea0d214bdda43a45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 15565
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "f466ffff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QygVkUzivK1wxrltmbuq4GOwtlM0WddJUB9EFhfowXWjVYzLEdsowJURTErR1T%2FwXUVUNZf9%2BoaoJ6wZ8GQgj2DZJvH4V3SPqruu1tImysZzTV%2FXkzDf5VuykGFoOglDyDmu%2BXwkquwJ0jepDAsJIA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5ae2b715d4d-FRA

GET
H3 200 runtime.2cea909e1c8f462d855e.js Show response
care.normanmd.com/en/ 2 KB
2 KB 540ms
540ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/runtime.2cea909e1c8f462d855e.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9275e7c1ad25eeae4f5263b85a3d735ed37caeabc1db6283522fc9bc787353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1677
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "15fdff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=48%2FnB88%2BIzgMGOiPx1p862G5evvtaAHVVqXcI%2FL%2B7sJ%2F%2FUIJLNqEQHn3Vm1kZsEn%2Fc%2FcwhGaIxlKE3I%2BkyjnrFR43Idz%2FBY5CsW10aPqZ70MkXdC%2FeCtekYzMQSwFXAsk3hR%2Bem%2FtRCaU82yY6JmjA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5b339761c9d-FRA

GET
H3 200 polyfills.b5ee266fe5292f63c272.js Show response
care.normanmd.com/en/ 108 KB
47 KB 201ms
200ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f7b51259bdd77ad0b21d8817cfe2e52c278bc094761b974f530891c04a5def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 47818
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "15fdff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yA155r4rtsNRPY9ZO7DH1wTnwNttVnR79xZ1q9eNqUGZezNxKL8HoWUsnTm8FNug%2FNJQe949xyZe6WBwWV8NAMuoe77dBSeG%2BU4S2pJ9%2FcXqtz%2FyW502uzLM5UMFndk7uOJFSDhG5Zmemy9FGbCFFw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5b6ad871c9d-FRA

GET
H3 200 main.2112753c643e0936320d.js Show response
care.normanmd.com/en/ 3 MB
820 KB 873ms
872ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/main.2112753c643e0936320d.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cb6216a64bd97fe25101386e90d7ca00284635da58b0a838154d41fd571f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
etag: "15fdff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaQbVlYlf%2Fkglw%2FEf%2FSOFozCNgvmnR164uz10KEvdXMkDg8nZrCp82h6MLj3pjWw%2F69JYj%2FoEgVlUGNDabRtidU1WUm929dDcSR%2FUcfH5D7by62CriKzVFeyAd1hsHq0qjzQgyuYWue%2BP1oG7ABQlw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5b85f771c9d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
107 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-XTDF7NWC37

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67d82840fcf3b75744d2b1d6406b5001ed823e0a05238181617a11d9e91d6013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jul 2024 21:27:08 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jul 2025 00:14:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 569 B
462 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 21:27:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 21:27:09 GMT

GET
H2 200 uhe3lzt.js Show response
use.typekit.net/ 20 KB
7 KB 254ms
183ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uhe3lzt.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1e99710d6751c520ac5bd467d65192cf45e5021edaf56aeb5de7df1fb0830118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6993

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 62ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:55:55 GMT
x-content-type-options: nosniff
age: 559874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:55:55 GMT

GET
H2 200 l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 17 KB
17 KB 53ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17052

GET
H2 200 l
use.typekit.net/af/5cca6d/00000000000000000000e802/27/ 17 KB
17 KB 64ms
24ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5cca6d/00000000000000000000e802/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36c637ff413145665890a1d52867bfcc8b90767212fa0fae29e71ac09a0ae9e4

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "e1f467b1f2cff0ccd8ad9b098801967df8dc108c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17588

GET
H2 200 l
use.typekit.net/af/a28b50/00000000000000000000e803/27/ 16 KB
17 KB 56ms
16ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a28b50/00000000000000000000e803/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "a6c1fa20004e862da7c922781204c8a0ef8794a4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16808

GET
H2 200 l
use.typekit.net/af/c2d3de/00000000000000000000e804/27/ 17 KB
17 KB 70ms
30ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c2d3de/00000000000000000000e804/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8e02aabccb1091cee27c543358a410aa99ceab0fd6599d339aa7ff6374a30a53

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "c98890a8d65c1a10faab504a4432088d518d0cb8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17556

GET
H2 200 l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/ 17 KB
17 KB 81ms
41ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "4577a8003f294766a3a783ec5fba19dc646ecf7c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17116

GET
H2 200 l
use.typekit.net/af/2841b6/00000000000000000000e806/27/ 17 KB
18 KB 57ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2841b6/00000000000000000000e806/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 19a65e24c5533417e0d06e9ff1e0e3a69fccfc730a3c85db84851ec67ca255c3

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "bbf40368cce0c8165ed85753369ea4b01ee20b5f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17732

GET
H2 200 l
use.typekit.net/af/aa4f4e/000000000000000000012043/27/ 30 KB
30 KB 70ms
31ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/aa4f4e/000000000000000000012043/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8836ebe51ea15b17270b10a0729fb5950e82921b3710b6f49dbc62a07d5efc26

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "aa9a5e7f0780839bee0d48c2fef9febe6db99d1b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30476

GET
H2 200 l
use.typekit.net/af/f1892e/00000000000000000000ec08/27/ 20 KB
20 KB 66ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f1892e/00000000000000000000ec08/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 49da99f595f365acbb28ad33f097399a616aee25082a277e7983686eedb26868

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "7462102ca424237d81fc019e28ae3f167330b531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20208

GET
H2 200 l
use.typekit.net/af/c225e2/000000000000000000011aff/27/ 19 KB
19 KB 77ms
38ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c225e2/000000000000000000011aff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: be08b553524afe2516979423c8147de88c9ad54ae7fb1ccdcb14bfcd6f862c7d

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "aac07d12e2650fd1a93de82aff4c98527ab9f303"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19028

GET
H2 200 l
use.typekit.net/af/696cdf/00000000000000000000ec0a/27/ 20 KB
20 KB 82ms
43ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/696cdf/00000000000000000000ec0a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 143b7fc62ecc0dba5f409fed8616c4fac53d017390a4693db6f4a55bb33bd450

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "f63d28783970a76d13e49578e2d09b1e96f0057e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20008

GET
H2 200 l
use.typekit.net/af/a09522/00000000000000000000ec0b/27/ 19 KB
19 KB 79ms
40ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a09522/00000000000000000000ec0b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 595c2772ac24a2d76916efe77adc9b877e98bb4a47dbd0c764693453c3fb1339

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "56d4711ff98e243957dcdc4cec528dc541f7e1b9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19212

GET
H2 200 l
use.typekit.net/af/1d2651/00000000000000000000ec0c/27/ 19 KB
20 KB 85ms
47ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1d2651/00000000000000000000ec0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i8&v=3
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 68cb8f7e25928d3a2d2dab7f747b9041c2d76a3a7ca279ec44ca21da30452315

Request headers

Referer: https://care.normanmd.com/
Origin: https://care.normanmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
server: nginx
etag: "e4ca4acf046a807424860fce7d22f358ef87c525"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19820

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 101ms
17ms Image
image/gif 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=uhe3lzt&ht=tk&h=care.normanmd.com&f=2005.2006.2007.2008.2009.2010.2030.2031.2032.2033.2036.2037&a=426381&js=1.21.0&app=typekit&e=js&_=1721078829438
Requested by: Host: care.normanmd.com
URL: https://care.normanmd.com/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:09 GMT
last-modified: Fri, 28 Jul 2023 12:40:18 GMT
server: nginx
etag: "64c3b732-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 GetChatVersion Show response
care.normanmd.com/api/api/Helper/ 12 B
471 B 154ms
154ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/Helper/GetChatVersion

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb21696a89b32ecff68453a761787ad73929936d2b4fef2acd984a4519dcdc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: */*
Referer: https://care.normanmd.com/en/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:10 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbFhkhKMJGBWP5YD1LjYr6eEzwyFqJYAbo2Uu1HDPyb0LbEB9pyQIGnXqXDXQr7i6y3uRaB7aoEjbVspflPHOSrkTNLox9EaRn4wxacmLGKHwIbBlbw%2FW3D2WQ4MCWPLenFXSZw%2BBwMVO7ZF7D9bTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c44a341c9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12
expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-XTDF7NWC37

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/main.2112753c643e0936320d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67d82840fcf3b75744d2b1d6406b5001ed823e0a05238181617a11d9e91d6013

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://care.normanmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:08 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jul 2024 21:27:08 GMT

GET
H3 200 GetBrand Show response
care.normanmd.com/api/api/Settings/ 5 B
463 B 559ms
558ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/Settings/GetBrand

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd9ea9cc6a914eb9e92a8b19028a4953b427bbaab7d7cb8d2897a4a6a90ef22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeG2Ssd7XjmjHNJyftTlbt2aZttgqJBZUK%2Bfq80DntIE4zTrZlQ6HX4PKcqmY42MFQ8sHSqAFgvGNXCB1sg7IcLxtLmY%2FSuftTkrXJSi%2BYVSEUXTOKxaEkpmBM5Yt6SDLqBLEroStwPAeElq5M8HOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c46a651c9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5
expires: -1

GET
H3 200 GetBrand Show response
care.normanmd.com/api/api/Settings/ 5 B
467 B 717ms
156ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/Settings/GetBrand

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd9ea9cc6a914eb9e92a8b19028a4953b427bbaab7d7cb8d2897a4a6a90ef22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YU%2FRd5fU%2FQZ5t%2F1IvLTz%2FtBVa1x5sItIVNMmaypGY3AaUdAxd3mwWxu6i11PaQhg%2FsfUQ%2Be4ui%2BPpzS9jesHgKtDOinHiZ9Em79VhiDgkFVebOxtrGuq8fOIX1xrxf7alUr%2BYpYIo6HT8aLVY0Hruw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c7efc21c9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5
expires: -1

GET
H3 200 StartPrePayRegistration Show response
care.normanmd.com/api/api/UserAccount/ 442 B
760 B 336ms
336ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/UserAccount/StartPrePayRegistration?token=656d719a-636b-4375-97fc-0bd5ea2eb2ab

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25fc032581a8721d6898cf3331fe8e995bb56d6bfa4ede49d5898999c191494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENBr8iYvjVuHsZN%2BU23ng73xWpO%2FuENSTT%2FsJQrfLjZYP4taDyy2uQJ3t6gDrCt8kQdfesgAwHWAAYKwzNqkQ7i3Ji0zIlDSDjcuVNjYaQk0fqWtxt4HRmjiWEVrnzafgscNWkWskuLvlmHqeW2htg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c46a681c9d-FRA
alt-svc: h3=":443"; ma=86400
expires: -1

GET
H3 200 favicon.ico
care.normanmd.com/en/ 9 KB
2 KB 550ms
550ms Other
image/x-icon 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26d02991da585a1e93191cf5217a40e6b7d92788d80b6d691d427371a21b6b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fb5d040bcda1:0"
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1OaeSb8sXg4RcJ23GLVndNt70ltH%2F1mr58UlXA6XdVS3n0FW68OCFDd3vFh8Z%2FWIgm3tQmMIrUBAXhzIaftR60pc%2FLRy623kbAuuLwJrLiHFG66GKi6LhmeIpUE3rEZOhb%2FWAC4zbO6MTm3tXmRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cf-ray: 8a3cd5c4db1f1c9d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 GetLSAppID Show response
care.normanmd.com/api/api/ 38 B
503 B 157ms
157ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/GetLSAppID

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc35bd9934686f3bc737152cef532820171d8ab1ee3c8594db7a70d5b804bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: */*
Referer: https://care.normanmd.com/en/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v58y0Tpj1iPE3ovm5SeKhO%2BM3X9%2F07ezh96uEufMssm0KLsJ5s1Kq7mFtGIB78Sb%2BZ7%2FjObtrohpouPSOTJtLjY6JgHJoWVK%2FBwFXCUX6%2BXOD1goH9GXV5%2Fxe2QUxBWdZsiAK7jT%2BOeDeZT6cT8Tjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c54bd51c9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38
expires: -1

GET
H3 200 14.7bd86bf94049f016c7bd.js Show response
care.normanmd.com/en/ 49 KB
14 KB 155ms
155ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/14.7bd86bf94049f016c7bd.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/runtime.2cea909e1c8f462d855e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ace3759f4113bb0754cd8eb935a28652e04850f8e29b76635626f30af381d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 13854
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "f466ffff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TMErSrLScv4c8STaaV7e%2BWrU77g%2BwzE4ai9dN4U1qtOo%2B3MFrO9kZTERlJ7z80yiQyDYB3fp4NK%2B%2FZolvUNP4yxTw9KHq1jPlRJJxk7Ueuaf3B%2BJOMwdvMBtNtZi4Uswu3x%2BR8AvjpRFcIL5mr2DA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5c68de01c9d-FRA

GET
H3 200 common.e67af47160bd94e417eb.js Show response
care.normanmd.com/en/ 6 KB
3 KB 156ms
156ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/common.e67af47160bd94e417eb.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/runtime.2cea909e1c8f462d855e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c957856c4c5121ccc3286bfec1c2fec2e0908bbf53342f53afb91a476ae1aed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 2884
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "15fdff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ep3smOWrHJpgsZYLW1Dwl60K7DExLM6iyF3w3bXZ5MgOdfpcWRsKNo7WilQYbS8KydAmZeEq9fgUVvEtQ87UAAZpjw%2FTLjQjjbdUF%2FvaHcBPFYJGAF5HW%2BcReM6%2Bs8jnfPQIztUnKHJGtQByKSCOAA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5c78f5e1c9d-FRA

GET
H3 200 13.0f1ace93c98723a66b22.js Show response
care.normanmd.com/en/ 275 KB
58 KB 169ms
169ms Script
application/javascript 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/13.0f1ace93c98723a66b22.js

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/runtime.2cea909e1c8f462d855e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0144c547051bbbda12f484f1000015b11d81be9d96c9a3065a8f8593049bc30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 58592
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
server: cloudflare
etag: "f466ffff3fbcda1:0"
vary: Accept-Encoding
x-frame-options: Sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FQhaekLmcx6Lto1AOwxhcIfP3vfa%2FfLYvq3U8I39ZS3QGT2vW2iGLd635WU8WJfts%2Bnm5NHgjrI4imQO%2B2NvvcMujcyi5NTqg83NFSYGe9X8imj7nl4%2F1Cbpy6DGqon%2BkSP0qUqWyBdHvIl9ZmZmA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a3cd5c78f621c9d-FRA

GET
H3 200 logo-norman-md.png
care.normanmd.com/en/assets/images/ 21 KB
21 KB 661ms
661ms Image
image/png 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://care.normanmd.com/en/assets/images/logo-norman-md.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad0427d9cc6a6696e35dce4e0874d01ec7d8aaef1200120b35e2933fc730ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:12 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f08040bcda1:0"
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrIkXRFKDFNSL5IFt0PsSL7zcGp%2BA57xyvMQKgZhha2HrjzViUjzL360SQzv2L9tcXd06rVcIrH%2FYnvX%2FQcWvlqPHfhYgG0j2gL0gV1nDtRFQ%2BDehNizIeJ4I1Q3mRujanm7dF%2FdMAtxD6BBYXBOyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a3cd5c7efc61c9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21554

GET
H3 200 ObfuscateContactPreference Show response
care.normanmd.com/api/api/Helper/ 59 B
518 B 161ms
161ms XHR
application/json 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/api/api/Helper/ObfuscateContactPreference?email=CONNIEAMISH@GAMESTOP.COM&phone=9728399147

Requested by

Host: care.normanmd.com
URL: https://care.normanmd.com/en/polyfills.b5ee266fe5292f63c272.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c515af6cbdfd50ef12fdb493b17714ec42252137e954d00ba85385434ec70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 21:27:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7Imu9ItsEkCqYR0TrVGLSxckYAvPfQj4MY5uXERs54JuI7TQ%2FKOFeBhdrGVD9hQFfEn%2BdVfcEErv7XkTkNJiWN3HCCc4nhWiVF4YQruCUV56zvP%2B%2F7nNG5zJIeVSIQZgGJePGNwW6as7DVMTEqRVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a3cd5c8c8c71c9d-FRA
alt-svc: h3=":443"; ma=86400
expires: -1

GET
H3 200 favicon.ico
care.normanmd.com/en/ 9 KB
0 0ms
0ms Other
image/x-icon 2606:4700:3030::6815:30c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://care.normanmd.com/en/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:30c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26d02991da585a1e93191cf5217a40e6b7d92788d80b6d691d427371a21b6b58

Security Headers

Name	Value
X-Frame-Options	Sameorigin

Request headers

Referer: https://care.normanmd.com/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:27:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Jun 2024 20:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fb5d040bcda1:0"
x-frame-options: Sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1OaeSb8sXg4RcJ23GLVndNt70ltH%2F1mr58UlXA6XdVS3n0FW68OCFDd3vFh8Z%2FWIgm3tQmMIrUBAXhzIaftR60pc%2FLRy623kbAuuLwJrLiHFG66GKi6LhmeIpUE3rEZOhb%2FWAC4zbO6MTm3tXmRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cf-ray: 8a3cd5c4db1f1c9d-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://care.normanmd.com/en/assets/js/Scripts/fm.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://care.normanmd.com/en/assets/js/Scripts/fm.websync.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://care.normanmd.com/en/assets/js/Scripts/fm.websync.chat.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://care.normanmd.com/en/assets/js/Scripts/fm.websync.subscribers.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
care.normanmd.com
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
url.de.m.mimecastprotect.com
use.typekit.net
www.googletagmanager.com
2606:4700:3030::6815:30c7
2a00:1450:4001:811::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
51.163.159.16
0144c547051bbbda12f484f1000015b11d81be9d96c9a3065a8f8593049bc30d
04b8615b953bb6729c8e5267a89689369cbda1b1f6b10512ae402f67a488427e
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4
143b7fc62ecc0dba5f409fed8616c4fac53d017390a4693db6f4a55bb33bd450
14fedb173a6ea1528f67f5beda6f479c32db98728cc998ac22087f27368b849f
19a65e24c5533417e0d06e9ff1e0e3a69fccfc730a3c85db84851ec67ca255c3
1e99710d6751c520ac5bd467d65192cf45e5021edaf56aeb5de7df1fb0830118
20e6a511f928128c98480e756e08d5a3040b1b98d8388e7e54ae9041892b35c9
25f7b51259bdd77ad0b21d8817cfe2e52c278bc094761b974f530891c04a5def
26d02991da585a1e93191cf5217a40e6b7d92788d80b6d691d427371a21b6b58
338f33ea39153de0317cc5c257760faa3b9119e5f693cc8ea0d214bdda43a45a
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
36c637ff413145665890a1d52867bfcc8b90767212fa0fae29e71ac09a0ae9e4
41fd4932f7eb1934cffdbbfef3beab2ef2c1af47978c4a6b302edb64e6f74347
49da99f595f365acbb28ad33f097399a616aee25082a277e7983686eedb26868
57cb6216a64bd97fe25101386e90d7ca00284635da58b0a838154d41fd571f35
58b3381785f05dbb7a39f5c6ffcfa20561529977e252b618be72295fc2079308
595c2772ac24a2d76916efe77adc9b877e98bb4a47dbd0c764693453c3fb1339
5eb21696a89b32ecff68453a761787ad73929936d2b4fef2acd984a4519dcdc5
67d82840fcf3b75744d2b1d6406b5001ed823e0a05238181617a11d9e91d6013
68cb8f7e25928d3a2d2dab7f747b9041c2d76a3a7ca279ec44ca21da30452315
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
6e563c706ed291b9ed34d2616cf22589ad9620379cbe2e20438ae980bbf4faa9
78c515af6cbdfd50ef12fdb493b17714ec42252137e954d00ba85385434ec70d
797fbbb441e00b72d3f44375fb24a81e42f7eef43c9ecfed9ac93faf95d68a24
7cc35bd9934686f3bc737152cef532820171d8ab1ee3c8594db7a70d5b804bf8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8836ebe51ea15b17270b10a0729fb5950e82921b3710b6f49dbc62a07d5efc26
8e02aabccb1091cee27c543358a410aa99ceab0fd6599d339aa7ff6374a30a53
8fd9ea9cc6a914eb9e92a8b19028a4953b427bbaab7d7cb8d2897a4a6a90ef22
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e9275e7c1ad25eeae4f5263b85a3d735ed37caeabc1db6283522fc9bc787353
b2ace3759f4113bb0754cd8eb935a28652e04850f8e29b76635626f30af381d4
b9c783c4e809ebe288f25426ee38e8c98006970eb41d62826f71e864535b9aa1
be08b553524afe2516979423c8147de88c9ad54ae7fb1ccdcb14bfcd6f862c7d
c1ad0427d9cc6a6696e35dce4e0874d01ec7d8aaef1200120b35e2933fc730ee
c957856c4c5121ccc3286bfec1c2fec2e0908bbf53342f53afb91a476ae1aed3
d25fc032581a8721d6898cf3331fe8e995bb56d6bfa4ede49d5898999c191494
fe90c96ce173a9cab1ead4805ebcc5e199d20a5e0d39827bb44981732dc732f1

care.normanmd.com Open in urlscan Pro 2606:4700:3030::6815:30c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

88 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

2489 kBTransfer

11929 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

care.normanmd.com Open in urlscan Pro
2606:4700:3030::6815:30c7 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

2489 kB
Transfer

11929 kB
Size

0
Cookies

49 HTTP transactions
0 data transactions