auth.norclub.com Open in urlscan Pro
13.107.227.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://claimstatement.insify.no/
Effective URL:
https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-we...
Submission: On June 24 via automatic, source certstream-suspicious (June 24th 2022, 11:12:26 pm UTC) — Scanned from NO

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 13.107.227.45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.norclub.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 23rd 2021. Valid for: a year.

This is the only time auth.norclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.63.248.52 194.63.248.52	12996 (DOMENESHO...) (DOMENESHOP Oslo)
2 18	13.107.227.45 13.107.227.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.224.78 104.17.224.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

1 194.63.248.52 (Norway) 1 redirects

ASN12996 (DOMENESHOP Oslo, Norway, NO)
PTR: bristol.domeneshop.no

claimstatement.insify.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.107.227.45 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

claimstatement.etuity.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.norclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	norclub.com 1 redirects auth.norclub.com	658 KB
7	etuity.no 1 redirects claimstatement.etuity.no	1 MB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3151	624 B
1	insify.no 1 redirects claimstatement.insify.no	150 B
17	4

	Domain	Requested by
11	auth.norclub.com	1 redirects claimstatement.etuity.no auth.norclub.com
7	claimstatement.etuity.no	1 redirects claimstatement.etuity.no
1	fast.fonts.net	claimstatement.etuity.no
1	claimstatement.insify.no	1 redirects
17	4

This site contains no links.

Subject Issuer	Validity	Valid
claimstatement.etuity.no DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
auth.norclub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-23` - `2022-11-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520insify-claimstatement-web%2520insify-helpandnotifications-api%26state%3D29bf5d923fe54fca9365c0a518ea810a%26code_challenge%3DDbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4%26code_challenge_method%3DS256%26response_mode%3Dquery
Frame ID: 5F216DAE5FF152BC3B13374A2F2FE1B4
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norwegian Hull Club Login

Page URL History Show full URLs

https://claimstatement.insify.no/ HTTP 301
https://claimstatement.etuity.no/ Page URL
https://auth.norclub.com/connect/authorize?client_id=insify-claimstatement-web%3Aapp&redirect_uri=htt... HTTP 302
https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsi... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

1837 kB
Transfer

4097 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://claimstatement.insify.no/ HTTP 301
https://claimstatement.etuity.no/ Page URL
https://auth.norclub.com/connect/authorize?client_id=insify-claimstatement-web%3Aapp&redirect_uri=https%3A%2F%2Fclaimstatement.etuity.no%2Fcallback&response_type=code&scope=openid%20profile%20insify-claimstatement-web%20insify-helpandnotifications-api&state=29bf5d923fe54fca9365c0a518ea810a&code_challenge=DbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4&code_challenge_method=S256&response_mode=query HTTP 302
https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520insify-claimstatement-web%2520insify-helpandnotifications-api%26state%3D29bf5d923fe54fca9365c0a518ea810a%26code_challenge%3DDbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://claimstatement.insify.no/ HTTP 301
https://claimstatement.etuity.no/

Request Chain 6

https://claimstatement.etuity.no/api/auth/.well-known/openid-configuration HTTP 302
https://auth.norclub.com/.well-known/openid-configuration

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
claimstatement.etuity.no/
Redirect Chain

https://claimstatement.insify.no/
https://claimstatement.etuity.no/

1 KB
2 KB

817ms
157ms

Document
text/html

13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

97ee7a8ffe65277a3c468d919e1c43351c38abe94f20f18454216bf7e44cdebf

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost: https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://.blob.core.windows.net/ blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost: https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://.blob.core.windows.net/ blob:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, no-cache, max-age=0
content-encoding: gzip
content-security-policy: style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://*.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost:* https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://*.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://*.blob.core.windows.net/ blob:;
content-type: text/html
date: Fri, 24 Jun 2022 23:12:20 GMT
etag: "1d880ba17dc1460"
last-modified: Wed, 15 Jun 2022 13:16:16 GMT
referrer-policy: no-referrer
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-azure-ref: 01US2YgAAAACfad/RuhxFQIlmE1zA9+OGT1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-azure-ref-originshield: 01US2YgAAAADk/Q0aluOjRY/rtrwHIKTDQU1TMDRFREdFMTkxMwAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
x-cache: TCP_MISS
x-content-security-policy: style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://*.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost:* https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://*.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://*.blob.core.windows.net/ blob:;
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-xss-protection: 1;mode=block

Redirect headers

cache-control: max-age=3600 public
content-type: text/html
date: Fri, 24 Jun 2022 23:12:20 GMT
expires: Sat, 25 Jun 2022 00:12:20 GMT
location: https://claimstatement.etuity.no/
server: openresty

GET
H2 200 main.3dd9db88.js Show response
claimstatement.etuity.no/static/js/ 3 MB
1 MB 440ms
439ms Script
application/javascript 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/static/js/main.3dd9db88.js

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1777f48494f694093cc01d5515811fb4c5e8cb7edda029a1d6c4a8b3b4623218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 01US2YgAAAADdSZuMPaEYRILtwnUnweEFQU1TMDRFREdFMTgxOQAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
x-powered-by: ASP.NET
x-cache: TCP_MISS
vary: Accept-Encoding
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
referrer-policy: no-referrer
last-modified: Wed, 15 Jun 2022 13:16:16 GMT
server: Microsoft-IIS/10.0
date: Fri, 24 Jun 2022 23:12:21 GMT
x-azure-ref: 01US2YgAAAAD41z5hlRLyRav/aXW9FL+5T1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
content-type: application/javascript
cache-control: public, max-age=2592000
etag: "1d880ba17ed712b"
accept-ranges: bytes

GET
H2 200 main.e8b7da58.css
claimstatement.etuity.no/static/css/ 9 KB
3 KB 219ms
218ms Stylesheet
text/css 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/static/css/main.e8b7da58.css

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fd9029827f8b93387f18c674cf40c7c0b89f93e2aee889b80702928a9b48e99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 01US2YgAAAABVsLizIfw3S4xF2F3GdqA/QU1TMDRFREdFMTgxMwAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
x-powered-by: ASP.NET
x-cache: TCP_MISS
vary: Accept-Encoding
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
referrer-policy: no-referrer
last-modified: Wed, 15 Jun 2022 13:16:16 GMT
server: Microsoft-IIS/10.0
date: Fri, 24 Jun 2022 23:12:20 GMT
x-azure-ref: 01US2YgAAAACWsT/2hMcASahZHm8tpqlLT1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
content-type: text/css
cache-control: public, max-age=2592000
etag: "1d880ba17dc334e"
accept-ranges: bytes

GET
H2 200 unsupportedBrowser.js Show response
claimstatement.etuity.no/ 1 KB
1 KB 215ms
215ms Script
application/javascript 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/unsupportedBrowser.js

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

14cccad9df90383e0db5af1bc83c02cc52aa62155688c521858ee9ecd2e2ef43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 01US2YgAAAACU02O9oM+XQLgWnYA7/GlbQU1TMDRFREdFMTgwNwAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
x-powered-by: ASP.NET
x-cache: TCP_MISS
vary: Accept-Encoding
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
referrer-policy: no-referrer
last-modified: Wed, 15 Jun 2022 13:14:06 GMT
server: Microsoft-IIS/10.0
date: Fri, 24 Jun 2022 23:12:20 GMT
x-azure-ref: 01US2YgAAAABtgSTfFwpsQZcRptuWeQcGT1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
content-type: application/javascript
cache-control: public, no-cache, max-age=0
etag: "1d880b9ca5fa790"
accept-ranges: bytes

GET
H2 200 1.css
fast.fonts.net/lt/ 0
624 B 466ms
48ms Stylesheet
text/css 104.17.224.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/lt/1.css?apiType=css&c=516a4e0e-7e9a-49d4-9e4d-2a06a1e57306&fontids=6018018,6018024,6018040,6018047,6018049,6053091
Requested by: Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/static/css/main.e8b7da58.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 23:12:21 GMT
cf-cache-status: HIT
age: 574192
cf-ray: 720925d85b420b49-OSL
content-length: 0
x-amz-id-2: GEvdkveIjddF70GF3BGdUp0jnsKq2WTY+3ybgk2yRaN6e3JreN+PLW0kwERkHHzu3vO5Zfb0r30=
last-modified: Tue, 23 Mar 2021 12:59:56 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0FR4Z8SEZQ0776G7
cache-control: public, max-age=0, s-maxage=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1361983047

GET
H2 401 roles Show response
claimstatement.etuity.no/api/ 0
345 B 257ms
257ms XHR
text/plain 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/api/roles

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/static/js/main.3dd9db88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
www-authenticate: Bearer
referrer-policy: no-referrer
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-azure-ref: 01kS2YgAAAAB13Gwpf9LqTYvzgM40Yj1vT1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: TCP_MISS
date: Fri, 24 Jun 2022 23:12:21 GMT
x-content-type-options: nosniff
x-azure-ref-originshield: 01kS2YgAAAAD2aRy+F7vfQ5qhfv+af/G5QU1TMDRFREdFMTgxNAAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
content-length: 0
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

GET
H2

200

openid-configuration
auth.norclub.com/.well-known/
Redirect Chain

https://claimstatement.etuity.no/api/auth/.well-known/openid-configuration
https://auth.norclub.com/.well-known/openid-configuration

2 KB
1 KB

941ms
192ms

XHR
application/json

13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/.well-known/openid-configuration

Protocol

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: no-referrer
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://claimstatement.etuity.no
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:23 GMT
x-azure-ref: 01kS2YgAAAABakC/XedhHR6NINxGtKkUeT1NMMjMxMDUwMjAzMDM3ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-content-type-options: nosniff
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-azure-ref: 01kS2YgAAAAAduDc077lZS7RIyQoBA7YcT1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: TCP_MISS
location: https://auth.norclub.com/.well-known/openid-configuration
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:21 GMT
x-azure-ref-originshield: 01kS2YgAAAADjcSx1V+SxTY1Hwycj0pckQU1TMDRFREdFMTkxNQAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
content-length: 0
x-content-type-options: nosniff
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

GET
H2 200 calibri.874db1d485c36d125127.woff2
claimstatement.etuity.no/static/media/ 56 KB
56 KB 221ms
221ms Font
font/woff2 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://claimstatement.etuity.no/static/media/calibri.874db1d485c36d125127.woff2

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/static/css/main.e8b7da58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0959800bd89c69c373db0642ed9b6fb26bafb734f8f139204620b4898d38b763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer
Origin: https://claimstatement.etuity.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-azure-ref-originshield: 01kS2YgAAAACklS5DWp06RKwgvzRQT9lYQU1TMDRFREdFMTgwNgAzMzYyZjQ3My1mYWFlLTQ4MTItYmYxZC1kMjZmMWRjYWRlNzE=
x-powered-by: ASP.NET
x-cache: TCP_MISS
content-length: 56916
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
referrer-policy: no-referrer
last-modified: Wed, 15 Jun 2022 13:16:16 GMT
server: Microsoft-IIS/10.0
date: Fri, 24 Jun 2022 23:12:21 GMT
x-azure-ref: 01kS2YgAAAACSv6y58xZ8SKTfCJH8oMx1T1NMMjMxMDUwMjA1MDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
content-type: font/woff2
cache-control: public, max-age=2592000
etag: "1d880ba17dcce54"
accept-ranges: bytes

GET
H2

200

Primary Request Login Show response
auth.norclub.com/Account/
Redirect Chain

https://auth.norclub.com/connect/authorize?client_id=insify-claimstatement-web%3Aapp&redirect_uri=https%3A%2F%2Fclaimstatement.etuity.no%2Fcallback&response_type=code&scope=openid%20profile%20insif...
https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252F...

5 KB
2 KB

160ms
159ms

Document
text/html

13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520insify-claimstatement-web%2520insify-helpandnotifications-api%26state%3D29bf5d923fe54fca9365c0a518ea810a%26code_challenge%3DDbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4%26code_challenge_method%3DS256%26response_mode%3Dquery

Requested by

Host: claimstatement.etuity.no
URL: https://claimstatement.etuity.no/static/js/main.3dd9db88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

44608896cda729d81ae34bb75a92e4e637d87993193970b79b924f9e26bb0a4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 23:12:23 GMT
referrer-policy: no-referrer
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-azure-ref: 010S2YgAAAAAd2m0BN/x0R7Wxms7tjqh7T1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
x-content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1;mode=block

Redirect headers

content-length: 0
date: Fri, 24 Jun 2022 23:12:23 GMT
location: https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520insify-claimstatement-web%2520insify-helpandnotifications-api%26state%3D29bf5d923fe54fca9365c0a518ea810a%26code_challenge%3DDbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4%26code_challenge_method%3DS256%26response_mode%3Dquery
referrer-policy: no-referrer
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 010S2YgAAAACiBhAdKdI7RpUvavHnAngrT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-xss-protection: 1;mode=block

GET
H2 200 bootstrap.min.css
auth.norclub.com/lib/bootstrap/dist/css/ 156 KB
36 KB 74ms
74ms Stylesheet
text/css 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/lib/bootstrap/dist/css/bootstrap.min.css

Requested by

Host: auth.norclub.com
URL: https://auth.norclub.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinsify-claimstatement-web%253Aapp%26redirect_uri%3Dhttps%253A%252F%252Fclaimstatement.etuity.no%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520insify-claimstatement-web%2520insify-helpandnotifications-api%26state%3D29bf5d923fe54fca9365c0a518ea810a%26code_challenge%3DDbhXO3ZDIqdYFN5rlfCCMKbFg50c4s5GwL5g8uI0gi4%26code_challenge_method%3DS256%26response_mode%3Dquery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:23 GMT
etag: "1d884955ea2ef21"
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
accept-ranges: bytes
x-content-type-options: nosniff
x-azure-ref: 02ES2YgAAAAC09d+yw/VQRa+Hw5Zt/Nu0T1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==

GET
H2 200 site.css
auth.norclub.com/css/ 5 KB
2 KB 155ms
154ms Stylesheet
text/css 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/css/site.css?v=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c3eda7e3a25dcf7e3432233cc80df2e798360a4fbce6f3f6f6343ddcc801ad52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:23 GMT
etag: "1d884955ea094d6"
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
accept-ranges: bytes
x-content-type-options: nosniff
x-azure-ref: 02ES2YgAAAAAU7F4YThfLRoIDKvXm8ADTT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==

GET
H2 200 logo-white.svg
auth.norclub.com/logos/nhc/ 5 KB
5 KB 163ms
162ms Image
image/svg+xml 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.norclub.com/logos/nhc/logo-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a7fb6658d035aaef69618ff0ea869ac9f2ca985dbe1d6ffc7b2c3b84cbaf7881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
etag: "1d884955ea09330"
x-azure-ref: 02ES2YgAAAABHFMqc8DTNRpx8hUn7OBCrT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
date: Fri, 24 Jun 2022 23:12:23 GMT
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 4912
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

GET
H2 200 logo.svg
auth.norclub.com/logos/external/ 2 KB
3 KB 154ms
154ms Image
image/svg+xml 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.norclub.com/logos/external/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

f98bb96b670aa25da5148d74749a8160b649b8d2ea44b4e9d0f3f5aaad1862f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
etag: "1d884955ea089b5"
x-azure-ref: 02ES2YgAAAABigmB3WQglTodjFtkvgKQbT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
date: Fri, 24 Jun 2022 23:12:23 GMT
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2485
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

GET
H2 200 logo.svg
auth.norclub.com/logos/nhc/ 12 KB
12 KB 200ms
200ms Image
image/svg+xml 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.norclub.com/logos/nhc/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

743085b6d064d1b5d3c08c937e4a1b2a15cb7bff81f74207e35e1891ce68bfff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
etag: "1d884955ea0afe0"
x-azure-ref: 02ES2YgAAAADwljUp1IG8RqtfQI7q8q/OT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
date: Fri, 24 Jun 2022 23:12:23 GMT
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12256
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

GET
H2 200 jquery.slim.min.js Show response
auth.norclub.com/lib/jquery/dist/ 71 KB
31 KB 159ms
158ms Script
application/javascript 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/lib/jquery/dist/jquery.slim.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:23 GMT
etag: "1d884955ea19acf"
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
accept-ranges: bytes
x-content-type-options: nosniff
x-azure-ref: 02ES2YgAAAABjAven5K8XSaKE6Z53T/yuT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==

GET
H2 200 bootstrap.bundle.min.js Show response
auth.norclub.com/lib/bootstrap/dist/js/ 79 KB
30 KB 160ms
159ms Script
application/javascript 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.norclub.com/lib/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-xss-protection: 1;mode=block
date: Fri, 24 Jun 2022 23:12:23 GMT
etag: "1d884955ea1bb40"
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f
accept-ranges: bytes
x-content-type-options: nosniff
x-azure-ref: 02ES2YgAAAADykkw7WHSQR5KEkzplWXD7T1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==

GET
H2 200 water_bg.png
auth.norclub.com/images/ 534 KB
535 KB 75ms
75ms Image
image/png 13.107.227.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.norclub.com/images/water_bg.png

Requested by

Host: auth.norclub.com
URL: https://auth.norclub.com/css/site.css?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.227.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e9077b81b03b269ce4742adb9f132328f8bdd9a9c54e0acc5c930d6ded25fc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
last-modified: Mon, 20 Jun 2022 11:03:28 GMT
x-powered-by: ASP.NET
etag: "1d884955ea8d6f8"
x-azure-ref: 02ES2YgAAAACH3VwZdYxMT5+pYXDMF3ifT1NMMjMxMDUwMjAzMDM1ADMzNjJmNDczLWZhYWUtNDgxMi1iZjFkLWQyNmYxZGNhZGU3MQ==
x-cache: CONFIG_NOCACHE
content-type: image/png
date: Fri, 24 Jun 2022 23:12:23 GMT
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 546552
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:ddd202dd-df32-4de0-a207-0c95bd553c7f

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fonts.net/	1970-01-20 04:01:54	Name: __cf_bm Value: 8SjS4PD.tcaOdTXnxBBK8C.rC1xNCrXSlOEXwpAV3O4-1656112341-0-AYhCmocX7C8WKciAwnRkokWiC444LXfshxhpCnVD/pRdgwM6ZPxGoXd9YeB+xPMVx9z2U+kp/KmNQsLyan1ZK30=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://claimstatement.etuity.no/api/roles Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost: https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://.blob.core.windows.net/ blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	style-src 'self' https://fast.fonts.net 'unsafe-inline'; default-src 'self'; script-src 'self'; img-src https://.blob.core.windows.net/ blob: 'self'; media-src 'self'; form-action 'none'; frame-src https://auth.norclub.com 'self'; connect-src wss://localhost: https://auth.norclub.com 'self' https://dc.services.visualstudio.com https://.blob.core.windows.net/ blob: https://prod-insify-signalr.service.signalr.net wss://prod-insify-signalr.service.signalr.net; object-src https://.blob.core.windows.net/ blob:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.norclub.com
claimstatement.etuity.no
claimstatement.insify.no
fast.fonts.net
104.17.224.78
13.107.227.45
194.63.248.52
0959800bd89c69c373db0642ed9b6fb26bafb734f8f139204620b4898d38b763
14cccad9df90383e0db5af1bc83c02cc52aa62155688c521858ee9ecd2e2ef43
1777f48494f694093cc01d5515811fb4c5e8cb7edda029a1d6c4a8b3b4623218
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856
44608896cda729d81ae34bb75a92e4e637d87993193970b79b924f9e26bb0a4c
743085b6d064d1b5d3c08c937e4a1b2a15cb7bff81f74207e35e1891ce68bfff
97ee7a8ffe65277a3c468d919e1c43351c38abe94f20f18454216bf7e44cdebf
a7fb6658d035aaef69618ff0ea869ac9f2ca985dbe1d6ffc7b2c3b84cbaf7881
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57
c3eda7e3a25dcf7e3432233cc80df2e798360a4fbce6f3f6f6343ddcc801ad52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9077b81b03b269ce4742adb9f132328f8bdd9a9c54e0acc5c930d6ded25fc95
f98bb96b670aa25da5148d74749a8160b649b8d2ea44b4e9d0f3f5aaad1862f0
fd9029827f8b93387f18c674cf40c7c0b89f93e2aee889b80702928a9b48e99a

auth.norclub.com Open in urlscan Pro 13.107.227.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

3 Countries

1837 kBTransfer

4097 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

auth.norclub.com Open in urlscan Pro
13.107.227.45 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

3
Countries

1837 kB
Transfer

4097 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions