urlscan.io logo urlscan.io
SecurityTrails logo

fortexdesign.norby.live Open in urlscan Pro
2a00:1450:4001:806::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://docsend.com/view/af3afihi3mfatmhw
Effective URL: https://fortexdesign.norby.live/
Submission: On June 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 52 HTTP transactions. The main IP is 2a00:1450:4001:806::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is fortexdesign.norby.live.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time fortexdesign.norby.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.220.57.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com
docsend.com
7    2a00:1450:4001:806::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fortexdesign.norby.live
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)
norby.imgix.net
1    2606:4700::6812:883b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2240:1000:9:5968:9680:21 (United States)

ASN16509 (AMAZON-02, US)
d1ibfj737ra5p6.cloudfront.net
1    2606:4700::6811:61ac (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
3    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
track.hubspot.com
3    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firestore.googleapis.com
6    3.230.33.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-33-56.compute-1.amazonaws.com
auth.services.norby.live
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2057:c200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    52.42.183.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-183-117.us-west-2.compute.amazonaws.com
m.stripe.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
identitytoolkit.googleapis.com
Apex Domain
Subdomains		 Transfer
15 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
firestore.googleapis.com — Cisco Umbrella Rank: 2042
identitytoolkit.googleapis.com — Cisco Umbrella Rank: 6250
15 KB
13 norby.live
fortexdesign.norby.live
auth.services.norby.live
791 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1734
q.stripe.com — Cisco Umbrella Rank: 13672
m.stripe.com — Cisco Umbrella Rank: 1579
143 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5008
track.hubspot.com — Cisco Umbrella Rank: 2462
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1902
18 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1832
315 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
129 KB
2 gstatic.com
fonts.gstatic.com
19 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2377
64 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2379
21 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5195
22 KB
1 cloudfront.net
d1ibfj737ra5p6.cloudfront.net
28 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2641
1 KB
1 imgix.net
norby.imgix.net
8 KB
1 docsend.com
docsend.com — Cisco Umbrella Rank: 77778
5 KB
52 15
Domain Requested by
9 firestore.googleapis.com fortexdesign.norby.live
7 fortexdesign.norby.live fortexdesign.norby.live
6 auth.services.norby.live fortexdesign.norby.live
4 identitytoolkit.googleapis.com fortexdesign.norby.live
3 q.stripe.com fortexdesign.norby.live
3 js.stripe.com fortexdesign.norby.live
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com fortexdesign.norby.live
www.googletagmanager.com
2 api.hubspot.com fortexdesign.norby.live
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com fortexdesign.norby.live
client
1 m.stripe.com m.stripe.network
1 track.hubspot.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 d1ibfj737ra5p6.cloudfront.net fortexdesign.norby.live
1 js.hs-scripts.com fortexdesign.norby.live
1 norby.imgix.net fortexdesign.norby.live
1 docsend.com 1 redirects
52 21

This site contains links to these domains. Also see Links.

Domain
ipfs.io
join.nor.by
my.nor.by
Subject Issuer Validity Valid
*.norby.live
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-05 -
2024-04-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-05-12 -
2023-08-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
edgecert.googleapis.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-05-25 -
2023-08-23		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://fortexdesign.norby.live/
Frame ID: DC4B31656E35CC0A073975D45CDEAA8D
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C5D894C99A116A0129DED470AEA6B5EA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0E1C770082F96B588BB4EB9956F996BC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WELCOME TO ONEDRIVE SECURE PORTAL: Home

Page URL History Show full URLs

  1. http://docsend.com/view/af3afihi3mfatmhw HTTP 307
    https://docsend.com/view/af3afihi3mfatmhw HTTP 302
    https://fortexdesign.norby.live/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

52
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

21
Subdomains

19
IPs

2
Countries

1260 kB
Transfer

3848 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://docsend.com/view/af3afihi3mfatmhw HTTP 307
    https://docsend.com/view/af3afihi3mfatmhw HTTP 302
    https://fortexdesign.norby.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fortexdesign.norby.live/
Redirect Chain
  • http://docsend.com/view/af3afihi3mfatmhw
  • https://docsend.com/view/af3afihi3mfatmhw
  • https://fortexdesign.norby.live/
41 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
2e90274749e6e606a81e52e808af1ea1a7485506d3d27cfb055da8317ad80680

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
10057
content-type
text/html; charset=utf-8
date
Thu, 15 Jun 2023 17:16:40 GMT
etag
W/"a229-p+ODJuxR2rsK3sgmUPbIgS42XnM"
server
Google Frontend
vary
Accept-Encoding
x-cloud-trace-context
73880e2f58f3aaa2650de63a1c20445a
x-powered-by
Express

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://*.id.opendns.com https://www.youtube.com https://*.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://*.quora.com https://*.bing.com https://api.autopilothq.com https://*.capterra.com https://*.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-LV+F1CBoFIZAhcnrLfyi0Q=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://assets.docsend.com https://d2qvtfnm75xrxf.cloudfront.net https://*.previews.dropboxusercontent.com/*/p.m3u8 https://*.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://*.browser-intake-datadoghq.com https://*.kissmetrics.com https://*.kissmetrics.io https://api.segment.io https://cdn.segment.com https://*.id.opendns.com https://www.google-analytics.com https://*.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://*.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://*.dropbox.com https://*.dropboxapi.com https://*.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://*.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://*.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://*.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://*.okta.com https://*.oktapreview.com https://*.jumpcloud.com https://*.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://assets.docsend.com https://*.previews.dropboxusercontent.com/ https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://*.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://assets.docsend.com https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob:
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Jun 2023 17:16:40 GMT
Location
https://fortexdesign.norby.live
Server
nginx
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Via
1.1 vegur
X-Frame-Options
DENY
X-Request-Id
b9d9b23c-99e2-43ce-88a4-4cad84b4ae2f
X-Runtime
0.249492
css2
fonts.googleapis.com/ 		402 B
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abel&display=swap
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 16:54:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 17:16:40 GMT
https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fmagic-sauce.appspot.com%2Fo%2Fimages%252Fd59401aa-0515-4711-a0ce-209058b2640a.png%3Falt%3Dmedia%26token%3D5fada34f-bb45-4127-8ae8-9804f2580fac
norby.imgix.net/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norby.imgix.net/https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fmagic-sauce.appspot.com%2Fo%2Fimages%252Fd59401aa-0515-4711-a0ce-209058b2640a.png%3Falt%3Dmedia%26token%3D5fada34f-bb45-4127-8ae8-9804f2580fac?ixlib=js-2.3.2&fit=clip&w=1600&auto=compress%2Cformat&fm=webp%2Cjp2&s=78bc558edba0f6a733e5069669bf4b76
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2c69b9906295780a33f690fc8731e03d1482eba626c06fe96b6617d5154f53da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
x-content-type-options
nosniff
age
85205
x-cache
HIT, HIT
x-imgix-id
2606cd420369ab0a08840e371fd26fed7b00f143
cross-origin-resource-policy
cross-origin
content-length
7379
x-served-by
cache-sjc1000088-SJC, cache-fra-eddf8230082-FRA
x-imgix-render-farm
01.139824
last-modified
Wed, 14 Jun 2023 17:36:35 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
8439434.js
js.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/8439434.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:883b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c954cdf8d1388175eab30699529ec50576b1d30a0285e52031a9e0b042b4b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
br
cf-cache-status
EXPIRED
x-hubspot-correlation-id
52a85b6e-5a2c-4faf-8321-2df432ca2ec6
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
dd1e8b33-40b1-4a4a-8550-87c62cfd7a28
last-modified
Wed, 14 Jun 2023 21:34:06 GMT
server
cloudflare
x-trace
2B77A232F04AEC445002A34BE76787AD3543E697C9000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-s6jrd
cf-ray
7d7c7651987939d9-FRA
expires
Thu, 15 Jun 2023 17:17:40 GMT
runtime.a7121472fbd1f705.js
fortexdesign.norby.live/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/runtime.a7121472fbd1f705.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
747aed8cf9779bd48d29ad486577b1736ce5041c138b135804391cb05b4fc1a7

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"e8d-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
93b13a7a90fbc08c573b91ff89ec3f9e
cache-control
public, max-age=31536000
content-length
2032
polyfills.2a15d84f904a28c5.js
fortexdesign.norby.live/ 		205 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
0d2126618fbaa6823d1c4e3512f115d09ebf09f887db895593b324fc8b47475e

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"3356c-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
520907829ee00b64249cba51d0134f8d
cache-control
public, max-age=31536000
content-length
84404
main.449eb1cab6097b0c.js
fortexdesign.norby.live/ 		2 MB
682 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/main.449eb1cab6097b0c.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8bb3180aff59a45abade8a4282f9240b3561e1bef8ddb2a62d77f056de04a2f0

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"20bb94-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
11690633deb623049cf964aaa4687b07
cache-control
public, max-age=31536000
content-length
696766
styles.20f50fdd556e8442.css
fortexdesign.norby.live/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/styles.20f50fdd556e8442.css
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
c0e840b6b53b75f06afd8b64441203ff6839df06b74934478020d1fc5199c95c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"9bcc-49773873e8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
718010438512b95697ae2a1c5ed6f7c1
cache-control
public, max-age=31536000
content-length
8489
MwQ5bhbm2POE2V9BPQ.woff2
fonts.gstatic.com/s/abel/v18/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:24:52 GMT
x-content-type-options
nosniff
age
474708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9588
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:29:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 05:24:52 GMT
basis-grotesque-regular.woff2
d1ibfj737ra5p6.cloudfront.net/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1ibfj737ra5p6.cloudfront.net/basis-grotesque-regular.woff2
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1000:9:5968:9680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c29f0dba8c03bce04f071751499a6ade13b8b1632e39be2017c290ed1c36679

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 06:26:00 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified
Sat, 03 Oct 2020 19:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
39041
etag
"72b2150ce2842de8ae12c1291351724f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
content-length
27956
x-amz-cf-id
PGAtMDZpZ3zgy9UJKvnfEVT7lAsvAsq6RxxbeDgHd6jxO1QhCLukFQ==
conversations-embed.js
js.usemessages.com/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8439434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:61ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbe9c4d273a13abdade0522f1d5323410659451ef72fb80c16f372ae206b282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
x-amz-version-id
QamE4Oe0AGtrfJSqbw051Y47gukyknvh
via
1.1 e6c353101750d150139bda8d95719802.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P1
age
399
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13423/bundles/project.js&cfRay=7d7c6c96c8a45be5-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
672e350b-c162-4c63-bcd3-39d910a7340b
last-modified
Tue, 13 Jun 2023 10:43:24 UTC
server
cloudflare
etag
W/"bd6464fa791153e75807e46f33ec851c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
cf-ray
7d7c76547e526958-FRA
x-amz-cf-id
DoMpFrCYqHvgsA3gx2ttX-TDSOMrQ0GmvdEzzg8kGGmaqYYu51UlbQ==
x-hs-target-asset
conversations-embed/static-1.13423/bundles/project.js
8439434.js
js.hs-analytics.net/analytics/1686849300000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1686849300000/8439434.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8439434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2f5e5e4f00b61be95219410b2e167ee0de6add808944b9f12ccfe251ea8bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
9XX2PFJYNJXY9ZVW
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
22
x-amz-id-2
jzSOTu4iefEvxpvb7dKV1n913gzKUltESffxh/X2sxCMHT19lSyS/8POrZ+SR64Dn2//CN/S2UY=
x-evy-trace-listener
listener_https
x-request-id
bfef9fcf-26ca-403c-b6d6-ae50ce3b91dd
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 14:58:48 GMT
server
cloudflare
etag
W/"dcc8d914acda2f1d1e06d45d62ac95c8"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7d7c76546956bba9-FRA
expires
Thu, 15 Jun 2023 17:21:41 GMT
banner.js
js.hs-banner.com/v2/8439434/ 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/8439434/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8439434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f54675f7e442cae4c1c812515e1fd2624925b9af97011b7c923d8e1376c190e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
x-amz-version-id
JRxSplJ9USrJxmtm3gczUbY8UU1TImIB
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
TKZ6D765KQAFQ838
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
60
x-amz-id-2
9Mw/WMb52aMVnpS8aQThaGgtqPO5bOJ/8kWpbAe85tW0FKWIva1KNqQ3x2l2B4yJWPPSeRS2V3w=
x-evy-trace-listener
listener_https
x-request-id
9b34de9e-9dac-4568-9262-425223483ef4
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 05 Jun 2023 18:33:42 GMT
server
cloudflare
etag
W/"8ae8acd5d5093f1d77d73cb4bcb1dd26"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://brayzenagency.nor.by
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7d7c76546c5f35ee-FRA
expires
Thu, 15 Jun 2023 17:21:41 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8439434&conversations-embed=static-1.13423&mobile=false&messagesUtk=c68b798a1f1f4da3b5aecc33241fa96d&traceId=c68b798a1f1f4da3b5aecc33241fa96d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://fortexdesign.norby.live
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d7c7654ed9f2baf-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 15 Jun 2023 17:16:41 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCxwUuV192n39FCqP6NXnuxuzaZPr9xQ0tHbQm2k3IJHWebchBz5LstjxPKLu7gQfzlGpppk5zh2XrgEDWRf262SgwIhPUWGUea%2FE8XvJhzOC33AYBo4OVBtQIDhU%2FCad1mxlqomJARrWQhiSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-gh8bb
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
552e1688-b1fc-4033-bd93-8fa94816cad4
x-request-id
29f5bfd1-a251-4dbd-9aaf-685b0bfa4a5c
x-trace
2B6BF75ED6B5C5AC0F8C38FF09EDD8B5599B0A51AE000000000000000000
public
api.hubspot.com/livechat-public/v1/message/ 		266 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8439434&conversations-embed=static-1.13423&mobile=false&messagesUtk=c68b798a1f1f4da3b5aecc33241fa96d&traceId=c68b798a1f1f4da3b5aecc33241fa96d
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246d43b474bd92203ec41037db871dbfd520d0e24408f172399dfd9cda8ecc19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fortexdesign.norby.live/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
03a52a3b-3d7c-45ac-b1c0-6dc2aa99ae9f
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400
content-length
210
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4d4780dd-ce54-4d59-8c05-7f2df63cb8cd
server
cloudflare
x-trace
2B50F9FCCB64373460F8BE69195AF58E9A3B379812000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-gh8bb
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNZuBpi7G5U%2Bll2%2FMgkpb%2FneHZD80N36SJq8ZeqFcXcNXvYF6e1HT%2BgYesVWMQ5h7T%2Fq4gpTf0EcZ%2B93L3l3CAlUNg0NwGTiGqcMa%2FmxY7YJnQkbJvsMiLeTMlHIIyd2X%2B1Pq%2BHBQrmJ2IKOIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7d7c7655ce9f2baf-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
v3
js.stripe.com/ 		502 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/main.449eb1cab6097b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba40e70ee97319382481b48b9ba3ed10572725d03dc56c6be74706e509d03b40
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 17:16:41 GMT
via
1.1 varnish
age
27
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141882
x-request-id
03c5acbc-dda6-42f2-9cf9-3a3cf5e86cb6
x-served-by
cache-fra-eddf8230096-FRA
last-modified
Wed, 14 Jun 2023 21:40:34 GMT
server
Fastly
etag
"70ebec6ddfdb804f0cd0533db827751d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
common.1d8c6102b95ec3a5.js
fortexdesign.norby.live/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/common.1d8c6102b95ec3a5.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/runtime.a7121472fbd1f705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
6e0327ef811b3e2ee73ffc2bf953c742aa9cfe23f44cfd263a2767b5523fb9a0

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"c92-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
db5954c990adf19733dde4ececa068a7
cache-control
public, max-age=31536000
content-length
1471
139.99084313ef92a094.js
fortexdesign.norby.live/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortexdesign.norby.live/139.99084313ef92a094.js
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/runtime.a7121472fbd1f705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
0917fc1b382af4d266e15da4bf60fa91029907e7d72e361e5cfaee6d34f11c26

Request headers

Referer
https://fortexdesign.norby.live/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"c0f-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
dbe484f42f52c7bcaa1e087e3a1951bc
cache-control
public, max-age=31536000
content-length
1525
gtm.js
www.googletagmanager.com/ 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PGHBSRJ
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/main.449eb1cab6097b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
841aee2b5db46b64f2fd2da413fdd8d1fed27176566e5f3d078833cf36770331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46215
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 16:06:55 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Jun 2023 17:16:42 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		54 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=21205&CVER=22&X-HTTP-Session-Id=gsessionid&zx=tksb12ge2ujl&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a2f18f96aa2f9493652b329c100b87af8c7d9d981561da110eca663e8528482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fortexdesign.norby.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
kXHhpayIyvgYBTBQtsGpOHf_VRi7_o1YZU-Kbd_Ms38
refresh
auth.services.norby.live/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/refresh
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-3cfae0b83877abf9187dd440df7e5a6c'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-tz,x-slug
Access-Control-Request-Method
POST
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-client-tz,x-slug
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://fortexdesign.norby.live
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-3cfae0b83877abf9187dd440df7e5a6c'
Date
Thu, 15 Jun 2023 17:16:42 GMT
Expect-CT
max-age=0
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Origin, Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
refresh
auth.services.norby.live/auth/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/refresh
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-aafc61849a5baf09bbcef376d7945694'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-client-tz
Etc/Unknown
Accept
application/json, text/plain, */*
Referer
https://fortexdesign.norby.live/
x-slug
fortexdesign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 17:16:42 GMT
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-aafc61849a5baf09bbcef376d7945694'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains
Referrer-Policy
no-referrer
Expect-CT
max-age=0
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Access-Control-Allow-Origin
https://fortexdesign.norby.live
Vary
Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LMFW6LF75X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGHBSRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64c173c7755d7c75da8132fe585f33a15e89196941f7c1cd65c0d28d6ae23d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85298
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Jun 2023 17:16:42 GMT
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LMFW6LF75X&gtm=45je36c0&_p=1326296757&cid=566778387.1686849402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686849402&sct=1&seg=0&dl=https%3A%2F%2Ffortexdesign.norby.live%2F&dt=WELCOME%20TO%20ONEDRIVE%20SECURE%20PORTAL%3A%20Home&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMFW6LF75X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 17:16:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3485376358&v=1.1&a=8439434&pu=https%3A%2F%2Ffortexdesign.norby.live%2F&t=WELCOME+TO+ONEDRIVE+SECURE+PORTAL%3A+Home&cts=1686849402270&vi=c6460808c74e723bb6c7fc0c230fd4b3&nc=true&u=113968408.c6460808c74e723bb6c7fc0c230fd4b3.1686849402268.1686849402268.1686849402268.1&b=113968408.1.1686849402268&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
98f77c6b-12f1-4c9f-a7f2-a52eaf421603
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
79eb8b5b-e169-449c-ba16-3da63fbb6aae
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwEmIJW3XhC5JIlHpqL8WAIBTDTK6rsRr6Z0FOMl3e7bkU%2F2MQaA%2FVB%2Fl%2BV4LiNGxtbXQ3aK8mYuUdf%2BPZrSNO0DsBQWoYSy5%2BYoedKzLgEB3cewQCYuoVprljm9%2BmX7tIV3ymWciV4HcIiUFOMK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-lqfnv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7d7c765c5d2b913d-FRA
x-robots-tag
none
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame C5D8 		200 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fortexdesign.norby.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
14061854
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Jun 2023 17:16:42 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 21 Dec 2022 18:20:45 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
20278
x-content-type-options
nosniff
x-request-id
8a011c04-b7b1-4175-ad0f-e80d78e2c147
x-served-by
cache-fra-eddf8230096-FRA
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame C5D8 		631 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 17:16:42 GMT
via
1.1 varnish
age
590488
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
396
x-request-id
e3bd6185-cc4e-46fb-94b8-24d551ed7f99
x-served-by
cache-fra-eddf8230095-FRA
last-modified
Thu, 08 Jun 2023 20:06:50 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
47649
csp-report
q.stripe.com/ Frame C5D8 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1686849402778367
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1686849402778167
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C5D8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1686849402778429
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1686849402778230
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 0E1C 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
208
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Jun 2023 17:13:14 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-id
DaEMVuLW3IP0OjOKBR-FMOWNc0zeliTB1CGFBDYPkOgqgX9jwECX9w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 0E1C 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Jun 2023 17:16:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1686849402778748
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1686849402778291
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 0E1C 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 17:13:44 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
179
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
lNkn0eLnc5Stt3gKodDfBZNYHMvkz0ATPkHD-boczhtzPLY_UG52rg==
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		34 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=kXHhpayIyvgYBTBQtsGpOHf_VRi7_o1YZU-Kbd_Ms38&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=Qh2iVUEFnWci402IUXIXsg&CI=0&AID=0&TYPE=xmlhttp&zx=2ukde16xzqcr&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a95002136ec607ff9a40c809f7ed564aa34319c176464bc4377c0376479fa5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
6
m.stripe.com/ Frame 0E1C 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-183-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
acfb12c0af1fe60dba26d98b5fe295192099502288dd3ad1a4f428ba7d26b5ff
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 15 Jun 2023 17:16:42 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1686849402868371
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1686849402867906
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		34 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=kXHhpayIyvgYBTBQtsGpOHf_VRi7_o1YZU-Kbd_Ms38&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=Qh2iVUEFnWci402IUXIXsg&CI=1&AID=0&TYPE=xmlhttp&zx=iaxvq2ujt2e2&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4158248a79b9c9b39491a39b179274ace703ced7beea6c9525db61765b4ce947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accounts:signUp
identitytoolkit.googleapis.com/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=AIzaSyAozArSpUoOUNwrxG2ysjssS0a-hS4gcBE
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2078b3c90491eea8e9d591e39a00053b9e55803ce53254f6aabfae1885b7b169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:383296556887:web:3ab65074cb154e848c7812
X-Client-Version
Chrome/JsCore/9.22.0/FirebaseCore-web
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Firebase-Client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTAgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEwIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIyLjAgZmlyZS1paWQvMC42LjQgZmlyZS1paWQtZXNtMjAxNy8wLjYuNCBmaXJlLXJjLzAuNC40IGZpcmUtcmMtZXNtMjAxNy8wLjQuNCBmaXJlLWZjbS8wLjEyLjQgZmlyZS1mY20tZXNtMjAxNy8wLjEyLjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtYXBwLWNoZWNrLzAuNy4wIGZpcmUtYXV0aC8wLjIzLjIgZmlyZS1hdXRoLWVzbTIwMTcvMC4yMy4yIGZpcmUtZnN0LzMuMTIuMCBmaXJlLWZzdC1lc20yMDE3LzMuMTIuMCBhbmd1bGFyZmlyZS1jb3JlLzcuNS4wIGFuZ3VsYXJmaXJlLWFwcC83LjUuMCBhbmd1bGFyLWJyb3dzZXIvMTUuMi45IGFuZ3VsYXJmaXJlLWF1dGgvNy41LjAgYW5ndWxhcmZpcmUtZnN0LzcuNS4wIiwiZGF0ZXMiOlsiMjAyMy0wNi0xNSJdfV19
Content-Type
application/json
Referer
X-Firebase-Locale
en-US

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fortexdesign.norby.live
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
923
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:signUp
identitytoolkit.googleapis.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=AIzaSyAozArSpUoOUNwrxG2ysjssS0a-hS4gcBE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid,x-firebase-locale
Access-Control-Request-Method
POST
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid,x-firebase-locale
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://fortexdesign.norby.live
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 15 Jun 2023 17:16:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		17 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=kXHhpayIyvgYBTBQtsGpOHf_VRi7_o1YZU-Kbd_Ms38&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=Qh2iVUEFnWci402IUXIXsg&CI=1&AID=8&TYPE=xmlhttp&zx=2af9yownhho0&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
css2
fonts.googleapis.com/ 		402 B
406 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abel&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 16:46:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 17:16:43 GMT
MwQ5bhbm2POE2V9BPQ.woff2
fonts.gstatic.com/s/abel/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fortexdesign.norby.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:24:52 GMT
x-content-type-options
nosniff
age
474711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9588
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:29:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 05:24:52 GMT
accounts:lookup
identitytoolkit.googleapis.com/v1/ 		258 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAozArSpUoOUNwrxG2ysjssS0a-hS4gcBE
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
801635b8583c7f218ddcf6db3de8a5bacaeca504e65c42275201c49587f3bb64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:383296556887:web:3ab65074cb154e848c7812
Referer
X-Client-Version
Chrome/JsCore/9.22.0/FirebaseCore-web
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Firebase-Locale
en-US
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 17:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fortexdesign.norby.live
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAozArSpUoOUNwrxG2ysjssS0a-hS4gcBE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-gmpid,x-firebase-locale
Access-Control-Request-Method
POST
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-gmpid,x-firebase-locale
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://fortexdesign.norby.live
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 15 Jun 2023 17:16:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&gsessionid=kXHhpayIyvgYBTBQtsGpOHf_VRi7_o1YZU-Kbd_Ms38&SID=Qh2iVUEFnWci402IUXIXsg&RID=21206&TYPE=terminate&zx=2gcbqpuqyhee
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/main.449eb1cab6097b0c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fortexdesign.norby.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		54 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=4159&CVER=22&X-HTTP-Session-Id=gsessionid&zx=s5g0v6gkk9af&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1232aeb6e16b14d84ea1d5740f39d415decbf6e50c9d72ce00054207a190da4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fortexdesign.norby.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Jun 2023 17:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
Sc4SljPzAQLfeQpI0IMx90dsltEP3DMRyeoj0W1g6k0
beacon_token
auth.services.norby.live/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/beacon_token
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-78928c3fe1d0d45078b7553887a59867'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-client-tz,x-slug
Access-Control-Request-Method
POST
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,x-client-tz,x-slug
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://fortexdesign.norby.live
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-78928c3fe1d0d45078b7553887a59867'
Date
Thu, 15 Jun 2023 17:16:44 GMT
Expect-CT
max-age=0
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Origin, Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
beacon_token
auth.services.norby.live/auth/ 		239 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/beacon_token
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf8a3e1f0a9adc83e5a9414f95126fe95c896f84a109c0433072dbbd2adc64ad
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-15e05d3b5f99ca387863bb92a48b088c'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-client-tz
Etc/Unknown
Accept
application/json, text/plain, */*
Referer
https://fortexdesign.norby.live/
x-slug
fortexdesign
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjY3YmFiYWFiYTEwNWFkZDZiM2ZiYjlmZjNmZjVmZTNkY2E0Y2VkYTEiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9tYWdpYy1zYXVjZSIsImF1ZCI6Im1hZ2ljLXNhdWNlIiwiYXV0aF90aW1lIjoxNjg2ODQ5NDAzLCJ1c2VyX2lkIjoibW92aHg0OU41ZGM3Q3J1dTRZUzNJbnFDV1RjMiIsInN1YiI6Im1vdmh4NDlONWRjN0NydXU0WVMzSW5xQ1dUYzIiLCJpYXQiOjE2ODY4NDk0MDMsImV4cCI6MTY4Njg1MzAwMywiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMifX0.bzAUBfpEJrVNnmnLTUG_pwhITOzuGLkAzpS4eiQcD9iv0T42gQLuaXYPM7lfnAaoHKeAvua9dls-P3HJhqW9RleRwRlgZjuFqvLYwG0EhJBWqgXjAxDjk0o_za8Q6n1zvDDkTV9MPsGJ-92GuGBpqX7_mpvNpVPMuXyCmm7x4H1_Em77RHH-vouyXQI_nKW58qwolfB9Q8_eVDaxdWupZz4525eINQ4mlsjv7cmtz8NHXeaNc4BO1UkMLXzsrC5Rl4CQvL_RWyv3FREA-uV7eT8szSAlwYnmAl47S5O8koRd4_qAbUyzKDe4yYaHS9QOxROCUe2cWMrVysjEju3UtQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 17:16:44 GMT
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-15e05d3b5f99ca387863bb92a48b088c'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
239
X-XSS-Protection
0
Referrer-Policy
no-referrer
ETag
W/"ef-osETK4uqux736g6pddLxMxQH27w"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fortexdesign.norby.live
X-Download-Options
noopen
Access-Control-Allow-Credentials
true
socket_token
auth.services.norby.live/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/socket_token
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-9a20020358e941d19a008947df6aa0d1'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-client-tz,x-slug
Access-Control-Request-Method
POST
Origin
https://fortexdesign.norby.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,x-client-tz,x-slug
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://fortexdesign.norby.live
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-9a20020358e941d19a008947df6aa0d1'
Date
Thu, 15 Jun 2023 17:16:44 GMT
Expect-CT
max-age=0
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Origin, Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
socket_token
auth.services.norby.live/auth/ 		239 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.services.norby.live/auth/socket_token
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.33.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-33-56.compute-1.amazonaws.com
Software
/
Resource Hash
59bd0538777e1f013db2e72f5a8af81b9fdad08017b279f9842865c05a3225b2
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'nonce-e47a29d34d043791e4f3f361215e4f67'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-client-tz
Etc/Unknown
Accept
application/json, text/plain, */*
Referer
https://fortexdesign.norby.live/
x-slug
fortexdesign
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjY3YmFiYWFiYTEwNWFkZDZiM2ZiYjlmZjNmZjVmZTNkY2E0Y2VkYTEiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9tYWdpYy1zYXVjZSIsImF1ZCI6Im1hZ2ljLXNhdWNlIiwiYXV0aF90aW1lIjoxNjg2ODQ5NDAzLCJ1c2VyX2lkIjoibW92aHg0OU41ZGM3Q3J1dTRZUzNJbnFDV1RjMiIsInN1YiI6Im1vdmh4NDlONWRjN0NydXU0WVMzSW5xQ1dUYzIiLCJpYXQiOjE2ODY4NDk0MDMsImV4cCI6MTY4Njg1MzAwMywiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMifX0.bzAUBfpEJrVNnmnLTUG_pwhITOzuGLkAzpS4eiQcD9iv0T42gQLuaXYPM7lfnAaoHKeAvua9dls-P3HJhqW9RleRwRlgZjuFqvLYwG0EhJBWqgXjAxDjk0o_za8Q6n1zvDDkTV9MPsGJ-92GuGBpqX7_mpvNpVPMuXyCmm7x4H1_Em77RHH-vouyXQI_nKW58qwolfB9Q8_eVDaxdWupZz4525eINQ4mlsjv7cmtz8NHXeaNc4BO1UkMLXzsrC5Rl4CQvL_RWyv3FREA-uV7eT8szSAlwYnmAl47S5O8koRd4_qAbUyzKDe4yYaHS9QOxROCUe2cWMrVysjEju3UtQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 17:16:44 GMT
Content-Security-Policy
default-src 'self';script-src 'self' 'nonce-e47a29d34d043791e4f3f361215e4f67'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
239
X-XSS-Protection
0
Referrer-Policy
no-referrer
ETag
W/"ef-nNGa2o3waMvyEjyFGiFd31w4B5E"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fortexdesign.norby.live
X-Download-Options
noopen
Access-Control-Allow-Credentials
true
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=Sc4SljPzAQLfeQpI0IMx90dsltEP3DMRyeoj0W1g6k0&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=XF13MVYANYTLox_U5lsGsw&CI=0&AID=0&TYPE=xmlhttp&zx=cqijn9cztd4&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
532b0bafd5a8608e60f4ab795c47a8f31495a739691f466343c5db46f6738e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=Sc4SljPzAQLfeQpI0IMx90dsltEP3DMRyeoj0W1g6k0&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=XF13MVYANYTLox_U5lsGsw&CI=1&AID=0&TYPE=xmlhttp&zx=35la94yqrxj2&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
532b0bafd5a8608e60f4ab795c47a8f31495a739691f466343c5db46f6738e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		18 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=Sc4SljPzAQLfeQpI0IMx90dsltEP3DMRyeoj0W1g6k0&VER=8&database=projects%2Fmagic-sauce%2Fdatabases%2F(default)&RID=rpc&SID=XF13MVYANYTLox_U5lsGsw&CI=1&AID=9&TYPE=xmlhttp&zx=ocafr0t3nzem&t=1
Requested by
Host: fortexdesign.norby.live
URL: https://fortexdesign.norby.live/polyfills.2a15d84f904a28c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LMFW6LF75X&gtm=45je36c0&_p=1326296757&cid=566778387.1686849402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1686849402&sct=1&seg=0&dl=https%3A%2F%2Ffortexdesign.norby.live%2F&dt=WELCOME%20TO%20ONEDRIVE%20SECURE%20PORTAL%3A%20Home&en=scroll&epn.percent_scrolled=90&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMFW6LF75X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fortexdesign.norby.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 17:16:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortexdesign.norby.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| webpackChunkend_user function| clearImmediate function| setImmediate function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononscrollendpatched object| global object| _hsp object| __zone_symbol__messagefalse boolean| hubspot_live_messages_running object| HubSpotConversations object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| _hsq boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey object| __zone_symbol__loadtrue boolean| _hstc_loaded object| __angularfire_symbol__analyticsIsSupported object| __angularfire_symbol__messagingIsSupported object| __angularfire_symbol__remoteConfigIsSupported object| __zone_symbol__testfalse object| __zone_symbol__ON_PROPERTYtest object| __zone_symbol__pfalse object| __zone_symbol__ON_PROPERTYp function| saveAs object| __global__ object| __zone_symbol__pagehidefalse object| __SENTRY__ object| __zone_symbol__popstatefalse boolean| __angularfire_symbol__analyticsIsSupportedValue boolean| __angularfire_symbol__messagingIsSupportedValue boolean| __angularfire_symbol__remoteConfigIsSupportedValue object| webpackChunkStripeJSouter function| noop object| __zone_symbol__loadfalse function| Stripe object| ɵAngularFireScheduler object| __zone_symbol__orientationchangefalse object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| __zone_symbol__ON_PROPERTYpopstate function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| __zone_symbol__ON_PROPERTYunhandledrejection object| __zone_symbol__unhandledrejectionfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| gaGlobal boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| __zone_symbol__beforeunloadfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

14 Cookies

Domain/Path Name / Value
.docsend.com/ Name: _v_
Value: RLbzIeZqanZGH0bbiChQNaGDMbkVUfH3fg0zwCgCM2ecKQTR37tQnggxQ8ydeLqyfEMwPxyKJnKNh3nvySWMow%2B8gOAF6dNOeGYbZJs%3D--7GetFXcRA5x3sqyo--i2K3%2BFtqdZy2DlGk67cf%2Bg%3D%3D
.docsend.com/ Name: _us_
Value: BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1
.docsend.com/ Name: _dss_
Value: 90e75d509edccb659684d0087257043b
.norby.live/ Name: _ga
Value: GA1.1.566778387.1686849402
.norby.live/ Name: _ga_LMFW6LF75X
Value: GS1.1.1686849402.1.0.1686849402.0.0.0
.norby.live/ Name: __hstc
Value: 113968408.c6460808c74e723bb6c7fc0c230fd4b3.1686849402268.1686849402268.1686849402268.1
.norby.live/ Name: hubspotutk
Value: c6460808c74e723bb6c7fc0c230fd4b3
.norby.live/ Name: __hssrc
Value: 1
.norby.live/ Name: __hssc
Value: 113968408.1.1686849402268
.hubspot.com/ Name: __cf_bm
Value: TcethRxGpE6kOkUheDC72m2wEm36oWRE3g0bMdI8KcY-1686849402-0-AYvxoAG1Zlr6V5YmbdJr9ubf+VFaie0q0lzGDbmL7vld8BtNb81halfdjHGaaXU3aCMGlPYGKCeiLkmw0xWRIw4=
m.stripe.com/ Name: m
Value: e5869d0d-f0f0-4c71-befd-d0209dd0d329a2da73
.fortexdesign.norby.live/ Name: __stripe_mid
Value: bf417cda-be55-4877-9efe-0087a460a3b5292ed9
.fortexdesign.norby.live/ Name: __stripe_sid
Value: 299751b6-7808-469d-ae01-5515503b22d7e4d248
socket.services.norby.live/ Name: INGRESSCOOKIE
Value: 0ab28000868421b66165d7587be7f16b|0cfe89253bf44bfcc0d6ad0185f38673

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
auth.services.norby.live
d1ibfj737ra5p6.cloudfront.net
docsend.com
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fortexdesign.norby.live
identitytoolkit.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
norby.imgix.net
q.stripe.com
region1.google-analytics.com
track.hubspot.com
www.googletagmanager.com
151.101.192.176
2001:4860:4802:32::36
2600:9000:2057:c200:19:7d10:bd80:93a1
2600:9000:2240:1000:9:5968:9680:21
2606:4700::6810:88ce
2606:4700::6811:61ac
2606:4700::6812:19c4
2606:4700::6812:883b
2606:4700::6813:9b53
2a00:1450:4001:800::200a
2a00:1450:4001:803::200a
2a00:1450:4001:806::2013
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200a
2a04:4e42:8d::720
3.220.57.224
3.230.33.56
52.42.183.117
54.186.23.98
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
0917fc1b382af4d266e15da4bf60fa91029907e7d72e361e5cfaee6d34f11c26
0d2126618fbaa6823d1c4e3512f115d09ebf09f887db895593b324fc8b47475e
1232aeb6e16b14d84ea1d5740f39d415decbf6e50c9d72ce00054207a190da4f
2078b3c90491eea8e9d591e39a00053b9e55803ce53254f6aabfae1885b7b169
246d43b474bd92203ec41037db871dbfd520d0e24408f172399dfd9cda8ecc19
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2c69b9906295780a33f690fc8731e03d1482eba626c06fe96b6617d5154f53da
2e90274749e6e606a81e52e808af1ea1a7485506d3d27cfb055da8317ad80680
3c954cdf8d1388175eab30699529ec50576b1d30a0285e52031a9e0b042b4b8e
4158248a79b9c9b39491a39b179274ace703ced7beea6c9525db61765b4ce947
4f54675f7e442cae4c1c812515e1fd2624925b9af97011b7c923d8e1376c190e
532b0bafd5a8608e60f4ab795c47a8f31495a739691f466343c5db46f6738e52
59bd0538777e1f013db2e72f5a8af81b9fdad08017b279f9842865c05a3225b2
5a95002136ec607ff9a40c809f7ed564aa34319c176464bc4377c0376479fa5b
64c173c7755d7c75da8132fe585f33a15e89196941f7c1cd65c0d28d6ae23d56
6c29f0dba8c03bce04f071751499a6ade13b8b1632e39be2017c290ed1c36679
6e0327ef811b3e2ee73ffc2bf953c742aa9cfe23f44cfd263a2767b5523fb9a0
747aed8cf9779bd48d29ad486577b1736ce5041c138b135804391cb05b4fc1a7
801635b8583c7f218ddcf6db3de8a5bacaeca504e65c42275201c49587f3bb64
841aee2b5db46b64f2fd2da413fdd8d1fed27176566e5f3d078833cf36770331
8a2f18f96aa2f9493652b329c100b87af8c7d9d981561da110eca663e8528482
8bb3180aff59a45abade8a4282f9240b3561e1bef8ddb2a62d77f056de04a2f0
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
acfb12c0af1fe60dba26d98b5fe295192099502288dd3ad1a4f428ba7d26b5ff
ba40e70ee97319382481b48b9ba3ed10572725d03dc56c6be74706e509d03b40
bbbe9c4d273a13abdade0522f1d5323410659451ef72fb80c16f372ae206b282
bf2f5e5e4f00b61be95219410b2e167ee0de6add808944b9f12ccfe251ea8bb1
c0e840b6b53b75f06afd8b64441203ff6839df06b74934478020d1fc5199c95c
cf8a3e1f0a9adc83e5a9414f95126fe95c896f84a109c0433072dbbd2adc64ad
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083