URL: https://norge.clinical-eft.com/
Submission: On December 29 via api from US — Scanned from FI

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 18.223.159.103, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is norge.clinical-eft.com.
TLS certificate: Issued by R10 on December 28th 2024. Valid for: 3 months.
This is the only time norge.clinical-eft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
8         18.223.159.103    16509  AMAZON-02
1         13.33.187.92      16509  AMAZON-02
1         151.101.0.176     54113  FASTLY
6         2a00:1450:400...  15169  GOOGLE
3         18.216.105.119    16509  AMAZON-02
1         3.16.238.119      16509  AMAZON-02
1         142.250.186.170   15169  GOOGLE
2         52.219.101.58     16509  AMAZON-02
6         142.250.185.99    15169  GOOGLE
1         151.101.128.176   54113  FASTLY
Total: 30 requests, 10 IPs

Requests  Apex Domain       Transfer  Subdomains
8         clinical-eft.com  2 MB      norge.clinical-eft.com
7         googleapis.com    10 KB     fonts.googleapis.com — Cisco Umbrella Rank: 29
6         gstatic.com       3 MB      fonts.gstatic.com
3         withmoxie.com     2 KB      auth.withmoxie.com
2         amazonaws.com     602 KB    hctc-public.s3.us-east-2.amazonaws.com
2         stripe.com        166 KB    js.stripe.com — Cisco Umbrella Rank: 1073
1         hecticapp.com     247 B     pod01.hecticapp.com
1         plaid.com         48 KB     cdn.plaid.com — Cisco Umbrella Rank: 15403
Total: 30 requests, 8 domains

Requests  Domain                                  Requested by
8         norge.clinical-eft.com                  norge.clinical-eft.com
7         fonts.googleapis.com                    norge.clinical-eft.com
6         fonts.gstatic.com                       fonts.googleapis.com
3         auth.withmoxie.com                      norge.clinical-eft.com
2         hctc-public.s3.us-east-2.amazonaws.com  norge.clinical-eft.com
2         js.stripe.com                           norge.clinical-eft.com, js.stripe.com
1         pod01.hecticapp.com                     norge.clinical-eft.com
1         cdn.plaid.com                           norge.clinical-eft.com
Total: 30 requests, 8 domains

This site contains no links.

Subject                       Issuer                                       Validity                 Valid
norge.clinical-eft.com        R10                                          2024-12-28 - 2025-03-28  3 months
secure.plaid.com              DigiCert EV RSA CA G2                        2024-03-12 - 2025-03-11  a year
a.stripecdn.com               DigiCert SHA2 Extended Validation Server CA  2024-12-16 - 2025-04-03  4 months
upload.video.google.com       WR2                                          2024-12-02 - 2025-02-24  3 months
*.withmoxie.com               Amazon RSA 2048 M03                          2024-03-29 - 2025-04-28  a year
*.s3.us-east-2.amazonaws.com  Amazon RSA 2048 M01                          2024-11-09 - 2025-11-05  a year
*.gstatic.com                 WR2                                          2024-12-02 - 2025-02-24  3 months

This page contains 2 frames:

Primary Page: https://norge.clinical-eft.com/
Frame ID: FBE914AD1D88F038C929095E739249DB
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 4FB5A77102B487BFABA956A910219CFE
Requests: 1 HTTP requests in this frame

Page Title

EFT med K. Kraggerud

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 10 %
Domains: 8
Subdomains: 8
IPs: 10
Countries: 2
Transfer: 5903 kB
Size: 12089 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
norge.clinical-eft.com/
2 KB
1 KB
Document
General
Full URL
https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
0cb5843f6ff9ccf0cf0f89c02c081ac5f202911e237083c0f89f0963b1f2d5d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
143662
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
content-type
text/html
date
Fri, 27 Dec 2024 17:58:02 GMT
etag
W/"ed5454968df414bb59f862eb944c1310"
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
transfer-encoding
chunked
vary
Accept-Encoding
via
1.1 1f25a64e755f195dbccfdacb5a82a7ce.cloudfront.net (CloudFront)
x-amz-cf-id
39D1y8S62HfEUFyuj8TB5QZvjf26RDuh751OYcweoklbz9-j8KxAWA==
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
link-initialize.js
cdn.plaid.com/link/v2/stable/
156 KB
48 KB
Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3f489c814468f2dab4c3bfd459d182b0dfe4737d1909c10c6aaef5e6b65c5ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
br
x-amz-version-id
ltJJ4cBWJfvWMtSe9xxMfibZqtFyaRrk
etag
W/"2b104723fcea2b7efaaf872eda65837d"
age
10708
x-cache
Hit from cloudfront
x-amz-cf-id
Ysb69tAdHtC-1UFYSGZfPJilenSYRdjYuCVrbOt6kxVwMcXD4Kw2XA==
date
Sun, 29 Dec 2024 06:53:57 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 26 Dec 2024 18:19:49 GMT
x-amz-id-2
sGHoyUlxHXAWGCTVWoA8aJof3bAuUeMm20Uox8rTWDerFRlnGvu+NXZu0tZ0+rDbpeMhhXv24o0=
x-amz-replication-status
COMPLETED
cache-control
no-cache,must-revalidate,max-age=0
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-request-id
WAZZKF57AV57KA2M
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
js.stripe.com/v3/
694 KB
166 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

x-request-id
fae53d0e-3d90-40bc-b595-3fdb9c2e9137
content-encoding
br
etag
"057d0c0fbd2c6945e582717c1b7e7e73"
age
55
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 29 Dec 2024 09:52:24 GMT
last-modified
Mon, 23 Dec 2024 22:31:57 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-hel1410029-HEL
x-cache-hits
21
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
169529
server
Fastly
css
fonts.googleapis.com/
13 KB
985 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dff47bae4175b044a3e8020eac2480b834691a0c39a3344128b3d2ee958930bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:13:42 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
569 B
811 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Material+Icons|Material+Symbols
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
631 B
450 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
794a78ea2c9e04f9dcf3582566723f748611864d45d82e4883eeda0af4d69d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
626 B
448 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20e9781f1853c94bc98b2a2435fc424eaca275a20b4aa4762f05dbeb6058692b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
app.d09cfaf9.css
norge.clinical-eft.com/css/
98 KB
16 KB
Stylesheet
General
Full URL
https://norge.clinical-eft.com/css/app.d09cfaf9.css
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
22431460831bba6e671ff7f1017d0c112fcb5157c3ededaa044d7e677fe85e51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

transfer-encoding
chunked
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"c8bba13d06b23113a5f50448ef081d6d"
age
143632
via
1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qxjeYrY3E3Oh_v_hsxVdnzO8cS6WFdgO6fNlYvw7w3wzswdWrQbrEQ==
date
Fri, 27 Dec 2024 17:58:32 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
vary
Accept-Encoding
chunk-vendors.508cf5ae.css
norge.clinical-eft.com/css/
811 KB
123 KB
Stylesheet
General
Full URL
https://norge.clinical-eft.com/css/chunk-vendors.508cf5ae.css
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ffaf31cddfac87419a26dda5f1368e37f0c14f2a0d8f1f13df95ca22b0bb3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

transfer-encoding
chunked
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"bb98ec19c6f354ad94b81a6f750b4524"
age
143632
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
noQB9YdKHLfHXH81ixk31aI6jmQZWW6GbUryTJszRBlW6hKgTnaBNw==
date
Fri, 27 Dec 2024 17:58:32 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
vary
Accept-Encoding
app.6ee30285.js
norge.clinical-eft.com/js/
1 MB
335 KB
Script
General
Full URL
https://norge.clinical-eft.com/js/app.6ee30285.js
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
061f12d23fd5967a00d98c718fce290bb37d126c87dad9726ba4adaf30e1fe95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

transfer-encoding
chunked
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"1661a3da23ab78f12cd6941b91b1d98f"
age
143632
via
1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
W-rZHzyTfJ0DQsMcpyVrHHZm8ZHVz1Sm_NYMUFeNXQAWbBisUVwpkg==
date
Fri, 27 Dec 2024 17:58:32 GMT
content-type
text/javascript
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
vary
Accept-Encoding
chunk-vendors.ca32549a.js
norge.clinical-eft.com/js/
4 MB
1 MB
Script
General
Full URL
https://norge.clinical-eft.com/js/chunk-vendors.ca32549a.js
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe2cb230f5491f69921bc16c870af7926431c4b8138c1ec1f66ad9bf65666595

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

transfer-encoding
chunked
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"336d7a7f1ea54b71610be6beefe7d9cf"
age
143632
via
1.1 eb377f5086ebfe1cf72cecf255a055ac.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FXVTdx7Tr2jqjFuuUtlOi8Mlv_upTuUMM-RRqjpTvdiLFn8i-uLaAA==
date
Fri, 27 Dec 2024 17:58:32 GMT
content-type
text/javascript
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
vary
Accept-Encoding
chunk-2d0cc0a3.38cbfed3.js
norge.clinical-eft.com/js/
0
1015 B
Other
General
Full URL
https://norge.clinical-eft.com/js/chunk-2d0cc0a3.38cbfed3.js
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"40c301b603e9f861f88490f1cb361cb3"
age
143587
via
1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
487
x-amz-cf-id
looWpR7WFvKapAR8BtiyeWzgPwGsd-Ctpbd8wJPAi1Vv1LSCLeTiaw==
date
Fri, 27 Dec 2024 17:59:17 GMT
content-type
text/javascript
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
chunk-2d0e60e5.890b77c4.js
norge.clinical-eft.com/js/
0
755 B
Other
General
Full URL
https://norge.clinical-eft.com/js/chunk-2d0e60e5.890b77c4.js
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"39dcf3335e89faf11c3cbfb2a03fcb38"
age
143441
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
227
x-amz-cf-id
9QHFE0ALkj9BhQMAkMjwOogtDNBLh1U7H6dD31zilRYYLmUtS_bfyw==
date
Fri, 27 Dec 2024 18:01:43 GMT
content-type
text/javascript
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
css2
fonts.googleapis.com/
106 KB
5 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Archivo:wght@400;700&family=Caveat:wght@400;700&family=Arvo:wght@400;700&family=BioRhyme:wght@400;700&family=Cormorant:wght@400;700&family=Crimson+Text:wght@400;700&family=Exo+2:wght@400;700&family=Fira+Sans:wght@400;700&family=Frank+Ruhl+Libre:wght@400;700&family=IBM+Plex+Sans:wght@400;700&family=Inter:wght@300;400;500;600;700&family=Karla:wght@400;700&family=Lora:wght@400;700&family=Merriweather:wght@400;700&family=Montserrat:wght@400;700&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;700&family=Old+Standard+TT:wght@400;700&family=Oswald:wght@400;700&family=Playfair+Display:wght@400;700&family=Poppins:wght@400;700&family=Roboto:wght@400;700&family=Rubik:wght@400;700&family=Space+Mono:wght@400;700&family=Spectral:wght@400;700&family=Titillium+Web:wght@400;700&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700&display=swap
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/css/app.d09cfaf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07eeb06017c47073ad3890c39459ec36708504eaa1aaa2f85072f72a448e6424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
4 KB
782 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arizonia&family=Charmonman&family=Herr+Von+Muellerhoff&family=Reenie+Beanie&display=swap
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/css/app.d09cfaf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b19b09567a28747953580ce2815eb283656685cde3e5898c44837a942a91f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
domains
auth.withmoxie.com/api/v1/
1 KB
2 KB
XHR
General
Full URL
https://auth.withmoxie.com/api/v1/domains?domain=norge.clinical-eft.com
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/js/chunk-vendors.ca32549a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.105.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-105-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
cf9ca5e298b97b52d2c1dd9c960e9951eb5b2b025cb14dbd20f8082fbe8e2f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://norge.clinical-eft.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://norge.clinical-eft.com
date
Sun, 29 Dec 2024 09:52:26 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
favicon.ico
norge.clinical-eft.com/
2 KB
1 KB
Other
General
Full URL
https://norge.clinical-eft.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.223.159.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-159-103.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
0cb5843f6ff9ccf0cf0f89c02c081ac5f202911e237083c0f89f0963b1f2d5d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/loader

Response headers

transfer-encoding
chunked
content-encoding
br
etag
W/"ed5454968df414bb59f862eb944c1310"
via
1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
AST5UYOC9JMlUepwvP9I-RDW2bODvkSu4sHd7IYhV0A0JXfLW3G28A==
date
Sun, 29 Dec 2024 09:52:26 GMT
content-type
text/html
last-modified
Fri, 27 Dec 2024 17:57:47 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
vary
Accept-Encoding
fonts
pod01.hecticapp.com/api/insecure/24466/
2 B
247 B
XHR
General
Full URL
https://pod01.hecticapp.com/api/insecure/24466/fonts
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/js/chunk-vendors.ca32549a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.238.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-238-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://norge.clinical-eft.com/

Response headers

access-control-allow-origin
https://norge.clinical-eft.com
content-encoding
gzip
date
Sun, 29 Dec 2024 09:52:27 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-credentials
true
refresh
auth.withmoxie.com/api/v1/auth/portal/
179 B
522 B
XHR
General
Full URL
https://auth.withmoxie.com/api/v1/auth/portal/refresh?force=false
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/js/chunk-vendors.ca32549a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.105.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-105-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
eabbbb6a7c7e502d64c93d7e4336f6dc6b03ebf0fd194b67f79fe5a7fa44ec69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Authorization
Refresh null
Referer
https://norge.clinical-eft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://norge.clinical-eft.com
date
Sun, 29 Dec 2024 09:52:27 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
refresh
auth.withmoxie.com/api/v1/auth/portal/ Frame
0
0
Preflight
General
Full URL
https://auth.withmoxie.com/api/v1/auth/portal/refresh?force=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.105.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-105-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://norge.clinical-eft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
POST
access-control-allow-origin
https://norge.clinical-eft.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 29 Dec 2024 09:52:27 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
8 KB
723 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:200,300,400,500,600
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/js/chunk-vendors.ca32549a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
63ca044e26f30b78ab74fd91932b66e540d0f362bf5e6fa2ba771cf850a3dd1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 09:52:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 09:52:27 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 09:52:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bb41f4e7-a6af-478a-b0ff-1fbf4b09f6f6.png
hctc-public.s3.us-east-2.amazonaws.com/
68 KB
68 KB
Image
General
Full URL
https://hctc-public.s3.us-east-2.amazonaws.com/bb41f4e7-a6af-478a-b0ff-1fbf4b09f6f6.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.101.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
8609858f6e7c1c09e2480a28a596b9ea60b74a5768123ac20ec426a060b3b8e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

x-amz-id-2
pwx2sshy1s+0+T4AfFn0M3paCUNC3+nEWwRCTg2CrutM1uTyVUJLfn9GIqhuJYqXDC3zg2t5lC4=
ETag
"86e4aa115e4de441c140c5a7ea284a87"
x-amz-request-id
VQJQHWAFDX1W5FA0
Accept-Ranges
bytes
Content-Length
69605
Date
Sun, 29 Dec 2024 09:52:28 GMT
Last-Modified
Wed, 11 Dec 2024 04:07:27 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
5b7aa492-706b-401e-8e80-e6d84d999e7d.jpg
hctc-public.s3.us-east-2.amazonaws.com/
533 KB
533 KB
Image
General
Full URL
https://hctc-public.s3.us-east-2.amazonaws.com/5b7aa492-706b-401e-8e80-e6d84d999e7d.jpg
Requested by
Host: norge.clinical-eft.com
URL: https://norge.clinical-eft.com/css/app.d09cfaf9.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.101.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
19a17535554238c68f7f843ce86ab18c121ea1b13fe1570d96e51c7edd21bbdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://norge.clinical-eft.com/

Response headers

x-amz-id-2
KJ73b9NkzyqiA6LGc+Sc/0WLPoyX69QrZtm5i2dgIO9gnjTUUycBIWCSvLd5Vd8pUWgtX8tXMnY=
ETag
"90a9dea03b1553b6a5db8afddefbab4b"
x-amz-request-id
VQJJCH9YR98Q83DS
Accept-Ranges
bytes
Content-Length
545699
Date
Sun, 29 Dec 2024 09:52:28 GMT
Last-Modified
Wed, 08 Nov 2023 13:56:36 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v222/
3 MB
3 MB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v222/kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6cdaa1f5b947a792598c00dcd8d750599bcaeafef495d4eb418ee9eeb7764937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://norge.clinical-eft.com
Referer
https://fonts.googleapis.com/

Response headers

age
433458
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:28:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:28:09 GMT
last-modified
Wed, 04 Dec 2024 06:44:43 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
3394148
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons|Material+Symbols
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://norge.clinical-eft.com
Referer
https://fonts.googleapis.com/

Response headers

age
323836
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 15:55:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 15:55:11 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v45/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://norge.clinical-eft.com
Referer
https://fonts.googleapis.com/

Response headers

age
435183
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 08:59:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 08:59:24 GMT
last-modified
Thu, 24 Aug 2023 20:50:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30512
x-xss-protection
0
server
sffe
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 4FB5
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://norge.clinical-eft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2184949
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 29 Dec 2024 09:52:29 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
399880
x-content-type-options
nosniff
x-request-id
c54c57b6-514c-48ca-9eb0-40cf0d2157bd
x-served-by
cache-hel1410028-HEL

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | Plaid
object | webpackJsonpPlaid
object | webpackChunkStripeJSouter
function | noop
function | Stripe
object | webpackJsonp
object | core
function | _
function | iFrameResize
function | Color
function | Chart
object | tinymce
object | tinyMCE

3 Cookies

Domain/Path: m.stripe.com/
Name: m
Value: 7dc9dcb7-6c74-4b74-8b7b-7dad585a22bd0590e7

Domain/Path: .norge.clinical-eft.com/
Name: __stripe_mid
Value: c8133fbf-7cb7-4a9a-883f-926d307afff8ccf956

Domain/Path: .norge.clinical-eft.com/
Name: __stripe_sid
Value: 411eeaec-f270-4712-94ee-4cb0d6f2a50156243f

3 Console Messages

Source: network
Level: error
URL: https://norge.clinical-eft.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Source: network
Level: error
URL: https://auth.withmoxie.com/api/v1/auth/portal/refresh?force=false
Message: Failed to load resource: the server responded with a status of 401 ()

Source: recommendation
Level: verbose
URL: https://norge.clinical-eft.com/login
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
