urlscan.io logo urlscan.io
SecurityTrails logo

nucalm.com Open in urlscan Pro
52.8.178.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nucalm.com/
Effective URL: https://nucalm.com/
Submission Tags: tranco_l324
Submission: On May 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 65 HTTP transactions. The main IP is 52.8.178.132, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is nucalm.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 20th 2024. Valid for: 3 months.
This is the only time nucalm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 52.8.178.132 16509 (AMAZON-02)
1 2600:9000:266... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 99.86.8.175 16509 (AMAZON-02)
1 162.159.138.60 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 35.163.144.222 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 ()
65 21
28    52.8.178.132 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-178-132.us-west-1.compute.amazonaws.com
nucalm.com
1    2600:9000:266e:e400:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstpromoter.com
1    2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
8    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
2    2606:4700::6810:6ffe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
3    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6810:4f8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:4ffa (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspotfeedback.com
3    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
forms.hubspot.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
track.hubspot.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com
api.segment.io
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    (None, )

ASN- ()
nucalm.com
Apex Domain
Subdomains		 Transfer
29 nucalm.com
nucalm.com
4 MB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1845
123 KB
6 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4890
app.hubspot.com — Cisco Umbrella Rank: 5794
track.hubspot.com — Cisco Umbrella Rank: 2393
forms.hubspot.com — Cisco Umbrella Rank: 5442
4 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2189
28 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
70 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4572
forms.hscollectedforms.net — Cisco Umbrella Rank: 4722
25 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1425
170 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
106 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
865 B
1 hubspotfeedback.com
js.hubspotfeedback.com — Cisco Umbrella Rank: 15211
10 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4801
24 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5201
92 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2225
24 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2031
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2460
1 KB
1 firstpromoter.com
cdn.firstpromoter.com — Cisco Umbrella Rank: 33670
2 KB
65 18
Domain Requested by
29 nucalm.com nucalm.com
8 cdn.segment.com nucalm.com
cdn.segment.com
3 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
2 www.facebook.com nucalm.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 app.hubspot.com js.usemessages.com
js.hubspotfeedback.com
2 api.hubspot.com js.usemessages.com
1 forms.hubspot.com js.hsleadflows.net
1 track.hubspot.com
1 api.segment.io cdn.segment.com
1 www.googletagmanager.com cdn.segment.com
1 fonts.googleapis.com js.hs-banner.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hubspotfeedback.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 player.vimeo.com nucalm.com
1 js.hs-scripts.com nucalm.com
1 cdn.firstpromoter.com nucalm.com
65 22
Subject Issuer Validity Valid
nucalm.com
ZeroSSL RSA Domain Secure Site CA		 2024-03-20 -
2024-06-18		 3 months crt.sh
*.firstpromoter.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-18		 a year crt.sh
hs-scripts.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
player.vimeo.com
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hs-banner.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hsleadflows.net
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
usemessages.com
E1		 2024-04-12 -
2024-07-11		 3 months crt.sh
hubspotfeedback.com
GTS CA 1P5		 2024-04-03 -
2024-07-02		 3 months crt.sh
hubspot.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-09 -
2024-06-07		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh

This page contains 5 frames:

Primary Page: https://nucalm.com/
Frame ID: 4106F35F0A5379640E967E818135BB69
Requests: 59 HTTP requests in this frame

Frame: https://player.vimeo.com/video/892660964?h=ce6dab050d&byline=0&portrait=0&title=0
Frame ID: 72234C958FFCC2C4114D8E584170E037
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/21408922/threads/utk/e526d9fd9e6d4916bbc415f0d99de1d3?uuid=23579b50dcc2487c8ef7e2a922690739&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=nucalm.com&inApp53=false&messagesUtk=e526d9fd9e6d4916bbc415f0d99de1d3&url=https%3A%2F%2Fnucalm.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true
Frame ID: 7B090B20FC1A772B5701501CFF798F88
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 63431F002A3952987BB8EFC7645562E9
Requests: 1 HTTP requests in this frame

Frame: https://nucalm.com/~partytown/partytown-sandbox-sw.html?1717133205338
Frame ID: DCAFEE9A5EF288F073B2F5BB48CA837F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NuCalm Home | The Ultimate Solution for Stress and Sleep Management

Page URL History Show full URLs

  1. http://nucalm.com/ HTTP 307
    https://nucalm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

65
Requests

98 %
HTTPS

75 %
IPv6

18
Domains

22
Subdomains

21
IPs

3
Countries

4940 kB
Transfer

24421 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nucalm.com/ HTTP 307
    https://nucalm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nucalm.com/
Redirect Chain
  • http://nucalm.com/
  • https://nucalm.com/
113 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fa39934f15d187f3fd0859f1379f1f3d67705cde3990a08a939652bd17f8c49e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9040
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-build-id
16636557
cc-cache-group
default
cc-cache-status
HIT
cc-country
DE
cc-perf
hash-table=36;download=51;process=19;t=119
cc-resolver
v3
cc-stable-domain
giant-dahlia.cloudvent.net
content-encoding
gzip
content-length
26049
content-type
text/html; charset=utf-8
date
Fri, 31 May 2024 05:26:42 GMT
last-modified
Fri May 31 2024 02:29:18 GMT+0000 (Coordinated Universal Time)
server
nginx
vary
CC-Country, Accept-Encoding

Redirect headers

Location
https://nucalm.com/
Non-Authoritative-Reason
HttpsUpgrades
fpr.js
cdn.firstpromoter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.firstpromoter.com/fpr.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:e400:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 23:09:26 GMT
content-encoding
gzip
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 04:29:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
22637
etag
W/"d53f26ce71a7333d477b01f52bdade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rb3Xnk2LYxP5zSJTZTy-V8aVeyVkGNlqwbSO37DdNv9h-elFeRfnWg==
hoisted.Tj2PV_Kp.js
nucalm.com/_astro/ 		696 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
993e692edee6daae1dac9fd2d41d17309ad39a099e9cc413c8c8f4d1638d77f4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10446
cc-perf
site-load=63;hash-table=82;fetch-headers=52;t=207
cc-resolver
v3
cc-cache-group
default
content-length
434
last-modified
Tue, 28 May 2024 18:02:57 GMT
server
nginx
etag
W/2ee0eac91874950612a1ea0ecda9ca06
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
page.M61HTKRY.js
nucalm.com/_astro/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/page.M61HTKRY.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c69091df95e78ad89d41a0b77399226d831f6175b34c22bf036a8fe62587b29

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10446
cc-perf
site-load=72;hash-table=108;fetch-headers=99;t=293
cc-resolver
v3
cc-cache-group
default
content-length
1089
last-modified
Mon, 11 Mar 2024 23:40:37 GMT
server
nginx
etag
W/3a827901b9870cd36de29069ea463bf6
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
logo-darkTheme.y15Rk08C_26BoaU.webp
nucalm.com/_astro/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/_astro/logo-darkTheme.y15Rk08C_26BoaU.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d16fb321316a5fc3f5bff62ebaa5bdca1b1bc1cfb532037a2930117980fd187b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=76;build-load=31;hash-table=120;fetch-headers=64;t=298
cc-resolver
v3
cc-cache-group
default
content-length
8840
last-modified
Tue, 09 Jan 2024 20:43:06 GMT
server
nginx
etag
a831e443536622a79bdb258c31c6a8dd
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
plans-desktop-hero-phone-stack.2f0z0Zmd_Z1U3mnu.webp
nucalm.com/_astro/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/_astro/plans-desktop-hero-phone-stack.2f0z0Zmd_Z1U3mnu.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a225069d5c6d019effe2e12b08e765dba7cc2d7da009f4780bb1f915eb564aab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=72;build-load=20;hash-table=114;fetch-headers=82;t=295
cc-resolver
v3
cc-cache-group
default
content-length
43296
last-modified
Wed, 24 Jan 2024 23:11:29 GMT
server
nginx
etag
b1909b374eaaca60c13b42c605bfb9d2
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
brother-craig.webp
nucalm.com/assets/videos/posters/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/brother-craig.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6e777e59bb8a88f84cc8332a6d8c0db52d9b0947c85ab3983144b6681cb29c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
hash-table=40;fetch-headers=129;t=183
cc-resolver
v3
cc-cache-group
default
content-length
77306
last-modified
Fri, 26 Jan 2024 18:12:45 GMT
server
nginx
etag
77f77e9ccd755b79168972b72c37c19b
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
adelene.webp
nucalm.com/assets/videos/posters/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/adelene.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9607ba6879a3fe4a65b4f1003c006ba1603dd1123a57a34fb9aacfd7033f4b18

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
hash-table=36;fetch-headers=51;t=103
cc-resolver
v3
cc-cache-group
default
content-length
52728
last-modified
Fri, 26 Jan 2024 18:12:43 GMT
server
nginx
etag
144299d7900a4bd988a80b5e70453d2c
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
shellye.webp
nucalm.com/assets/videos/posters/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/shellye.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
47725aab2ec4e8956b48e735c99b4589a04c00845d896d3e98c798d3caad2ac3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=76;build-load=26;hash-table=45;fetch-headers=138;t=293
cc-resolver
v3
cc-cache-group
default
content-length
73370
last-modified
Fri, 26 Jan 2024 18:12:45 GMT
server
nginx
etag
d9a2c516e6d212a60ad522c0eae9c0fa
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
alan.webp
nucalm.com/assets/videos/posters/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/alan.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
57f0ca38e630309721a8aae3e46708026059e22ba3c0a32173a93b00452928bc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=14;hash-table=42;fetch-headers=119;t=184
cc-resolver
v3
cc-cache-group
default
content-length
54928
last-modified
Fri, 26 Jan 2024 18:12:45 GMT
server
nginx
etag
5c50b56dcad4e7832aa0e70038f5b41c
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
jenna-roth.webp
nucalm.com/assets/videos/posters/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/jenna-roth.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ad87fb7bb276148b78bf98a4eedfe8f3c50da4b598abfc1750983d3d016553f9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=74;build-load=13;hash-table=110;fetch-headers=95;t=299
cc-resolver
v3
cc-cache-group
default
content-length
81638
last-modified
Fri, 26 Jan 2024 20:58:00 GMT
server
nginx
etag
4df43d4df99388ba7ab5aee54589c5dd
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
salim.webp
nucalm.com/assets/videos/posters/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/assets/videos/posters/salim.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c85ef5a42470edb148c32dc1c3c398ce149875f90f1d54c3903ee205d3e80f4a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10446
cc-perf
site-load=54;build-load=12;hash-table=103;fetch-headers=116;t=293
cc-resolver
v3
cc-cache-group
default
content-length
60094
last-modified
Fri, 26 Jan 2024 18:12:43 GMT
server
nginx
etag
a1d840d49f62c1f3c761addea26004b8
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
21408922.js
js.hs-scripts.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21408922.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942645dad13df4b278069be1f693706b79f2e4b1c4fc1e32a9229f9a24f2ab85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
348bcca9-e8bb-42ce-bac2-7bb3deb8e990
x-envoy-upstream-service-time
9
content-length
718
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
348bcca9-e8bb-42ce-bac2-7bb3deb8e990
last-modified
Fri, 31 May 2024 05:05:07 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://nucalm.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-fsq9v
access-control-allow-credentials
true
cache-control
public, max-age=90
accept-ranges
bytes
cf-ray
88c48cf6fb5d3a8e-FRA
expires
Fri, 31 May 2024 05:28:13 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b50b745d7e4b3745a141239b560e4e4e927bac8e5500dc58b72531d463f86c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jNyF2IeWXw84AYR.90b06PjOjx0pZRVd
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Fri, 31 May 2024 05:26:44 GMT
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 30 May 2024 20:03:03 GMT
server
AmazonS3
etag
W/"00c83e692df08f49efeee1fab9e26c91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
E5uA1JuFnT1-jukcyheQT_vfaYYe37dvCBgzBhbJo54qLcWA3I23UQ==
graph.Z9PWdalh.css
nucalm.com/_astro/ 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/graph.Z9PWdalh.css
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
020e91bc8b32368887cf9f346861d650073213b72f8c9f00cd4665249fa1b6f9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10446
cc-perf
hash-table=62;fetch-headers=23;t=101
cc-resolver
v3
cc-cache-group
default
content-length
14082
last-modified
Thu, 02 May 2024 17:38:25 GMT
server
nginx
etag
W/c8360a463c9189b44dcb8c450dfd48c2
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
brother-craig.mp4
nucalm.com/assets/videos/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/brother-craig.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-7143754/7143755
cc-perf
hash-table=40;fetch-headers=67;t=119
cc-resolver
v3
cc-cache-group
default
Content-Length
7143755
last-modified
Fri, 26 Jan 2024 18:12:43 GMT
server
nginx
etag
05970dfa37d3dfb73e8788303eadf9c1
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
adelene.mp4
nucalm.com/assets/videos/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/adelene.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-8014730/8014731
cc-perf
site-load=17;hash-table=44;fetch-headers=79;t=149
cc-resolver
v3
cc-cache-group
default
Content-Length
8014731
last-modified
Fri, 26 Jan 2024 18:12:45 GMT
server
nginx
etag
c7261c877f20e550a5f1567930b51e87
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
shellye.mp4
nucalm.com/assets/videos/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/shellye.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-8517375/8517376
cc-perf
site-load=32;hash-table=39;fetch-headers=121;t=201
cc-resolver
v3
cc-cache-group
default
Content-Length
8517376
last-modified
Fri, 26 Jan 2024 18:12:43 GMT
server
nginx
etag
657fe61cff4a3c74caa1b5256f4a451b
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
alan.mp4
nucalm.com/assets/videos/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/alan.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-7060954/7060955
cc-perf
site-load=30;hash-table=54;fetch-headers=85;t=177
cc-resolver
v3
cc-cache-group
default
Content-Length
7060955
last-modified
Fri, 26 Jan 2024 18:12:45 GMT
server
nginx
etag
11e9c2059fb95204d9c45cd3f01a5121
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
892660964
player.vimeo.com/video/ Frame 7223 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/892660964?h=ce6dab050d&byline=0&portrait=0&title=0
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nucalm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
88c48cf79d1f2c51-FRA
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 May 2024 05:26:43 GMT
Server
cloudflare
Transfer-Encoding
chunked
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-6d7d778f74-twwxk
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-6d7d778f74-twwxk
x-player-backend
g
x-served-by
cache-fra-eddf8230083-FRA
x-timer
S1717133203.148753,VS0,VE166
x-xss-protection
1; mode=block
truncated
/ 		576 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1eaadd52a15979845a5bdcf22f9f2ff3b04c2b850dc4e36a01516892b093495

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
nucalm-brain-waves-and-associated-mental-states.cA89Gyoh_Z1Ei6PB.webp
nucalm.com/_astro/ 		346 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/_astro/nucalm-brain-waves-and-associated-mental-states.cA89Gyoh_Z1Ei6PB.webp
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f06a63fe5914a4dba8a751a8d8ba21ef8bc692621cb63fb80efddacb3fba735e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
10317
cc-perf
site-load=23;hash-table=37;fetch-headers=43;t=111
cc-resolver
v3
cc-cache-group
default
content-length
354802
last-modified
Fri, 16 Feb 2024 14:42:47 GMT
server
nginx
etag
7ef31f8641bfd191a56cf5914586978c
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
stress-reduction.ouq9H1Ck_SPPm1.svg
nucalm.com/_astro/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/_astro/stress-reduction.ouq9H1Ck_SPPm1.svg
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9313a1d6329af4d8f77cc7b4e71558f72819682d8a3eef1b9d0d6201e24062fd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10317
cc-perf
hash-table=40;fetch-headers=35;t=88
cc-resolver
v3
cc-cache-group
default
content-length
1842
last-modified
Mon, 11 Mar 2024 23:40:41 GMT
server
nginx
etag
W/764fdb5718c5043b6e282b13c89e44f7
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
optimized-sleep-quality.7PLJdObh_Z2iQwu0.svg
nucalm.com/_astro/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucalm.com/_astro/optimized-sleep-quality.7PLJdObh_Z2iQwu0.svg
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
efecd91237d67e404b31d17eee73232a75cb8c47640472e6bf0284830e5d023c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10317
cc-perf
hash-table=38;renderer=13;fetch-headers=51;t=114
cc-resolver
v3
cc-cache-group
default
content-length
715
last-modified
Mon, 11 Mar 2024 23:40:37 GMT
server
nginx
etag
W/94412b6c68611d5e707b426307e8f747
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
jenna-roth.mp4
nucalm.com/assets/videos/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/jenna-roth.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-7581908/7581909
cc-perf
site-load=11;hash-table=43;fetch-headers=140;t=203
cc-resolver
v3
cc-cache-group
default
Content-Length
7581909
last-modified
Fri, 26 Jan 2024 20:58:00 GMT
server
nginx
etag
f726c9d824909ef6e8d594fb7627c53f
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
salim.mp4
nucalm.com/assets/videos/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/assets/videos/salim.mp4
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
41a5e5272f32ab2b0620be9508d592bf8b712f0bb186ba5bca22cfd00eaa9646

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://nucalm.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
cc-build-id
16636557
age
0
Content-Range
bytes 0-3576452/3576453
cc-perf
hash-table=43;fetch-headers=75;t=130
cc-resolver
v3
cc-cache-group
default
Content-Length
3576453
last-modified
Fri, 26 Jan 2024 18:12:43 GMT
server
nginx
etag
1476f17d2d25172c5cf30c8019812f11
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
video/mp4
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
hoisted.xKe5J6nE.js
nucalm.com/_astro/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/hoisted.xKe5J6nE.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c8cfedc252e6b03469c99e3903de95d7e3e742d2855c93d2d38bc6586f0ffe69

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10439
cc-perf
site-load=13;hash-table=46;fetch-headers=56;t=124
cc-resolver
v3
cc-cache-group
default
content-length
1585
last-modified
Wed, 14 Feb 2024 16:36:17 GMT
server
nginx
etag
W/a0b854f4bb5cd9a3ec6bfe8ae94d3116
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
hoisted.Z2Fs_uzQ.js
nucalm.com/_astro/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/hoisted.Z2Fs_uzQ.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65d07fc638a25c24977b896dfbc3ae24095710055d12b95176a455769f4b1305

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10439
cc-perf
hash-table=42;fetch-headers=68;t=124
cc-resolver
v3
cc-cache-group
default
content-length
2797
last-modified
Wed, 14 Feb 2024 16:36:24 GMT
server
nginx
etag
W/69bf585abe0558c62a5d5ac9013e4064
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
InstagramVideos.astro_astro_type_script_index_0_lang.hS7IOyPA.js
nucalm.com/_astro/ 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/InstagramVideos.astro_astro_type_script_index_0_lang.hS7IOyPA.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69b38a454ebf8bd9ddbb7de619cb374a5f1d4039ad26d5033bc1952dc13efdcb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10384
cc-perf
hash-table=45;fetch-headers=43;t=100
cc-resolver
v3
cc-cache-group
default
content-length
605
last-modified
Tue, 28 May 2024 18:02:56 GMT
server
nginx
etag
W/e009ede9dfc59a59b4ee9d5f99b42d1f
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
hoisted.znNLJYH-.js
nucalm.com/_astro/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/hoisted.znNLJYH-.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
86be3b270f4ffbead4d9387bd0767014497bf2faaf2664b7779c94168e8bdbbc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10439
cc-perf
site-load=14;hash-table=25;fetch-headers=33;t=79
cc-resolver
v3
cc-cache-group
default
content-length
1660
last-modified
Thu, 11 Apr 2024 17:19:30 GMT
server
nginx
etag
W/e26b27484ebe33bc06e6c5395cc03829
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
_commonjs-dynamic-modules.h-SxKiO4.js
nucalm.com/_astro/ 		238 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/_commonjs-dynamic-modules.h-SxKiO4.js
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aab0d7d326bcada8b73bfc07bab62ecef6d8611dd8d969864a421adb62900807

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/_astro/hoisted.Tj2PV_Kp.js
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10439
cc-perf
site-load=29;hash-table=42;fetch-headers=38;t=117
cc-resolver
v3
cc-cache-group
default
content-length
190
last-modified
Fri, 05 Jan 2024 22:16:05 GMT
server
nginx
etag
W/af234f90058aa7359a6fc1590c9d227b
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
collectedforms.js
js.hscollectedforms.net/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
551e594e-0270-433b-a20b-eca0ad1693ff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=88c48cf7fc863a5c-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
551e594e-0270-433b-a20b-eca0ad1693ff
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray
88c48cf7fc863a5c-FRA
x-amz-cf-id
3Dbnsho9Mmw-TSIoHTcVPJw40-UczTGjVLP-W_Z34u5hpNPKt5s9Mg==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
banner.js
js.hs-banner.com/v2/21408922/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21408922/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e480c15ddfc846f5236c73b467e46e4b9f9d48ea1863bf2c215b78619afad4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
DC6NnxvkO1LoQ7ETRIrvsCMYKFGDw2HW
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
4S3N6RW66MBCRMB0
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
ac70e0d9-174b-4a03-a140-02c7b47b409c
x-envoy-upstream-service-time
70
x-amz-id-2
kJ8TDEiWti2QwvowFcxkhvtWvUT274atDmMAa/RoX/55PG5rsosMeY7+8AGp+p82WvCTMWupq/g=
x-evy-trace-listener
listener_https
x-request-id
ac70e0d9-174b-4a03-a140-02c7b47b409c
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 20 May 2024 18:12:12 GMT
server
cloudflare
etag
W/"bbda3fb333bd204cde655f5ef2c751c7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://app.nucalm.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
88c48cf7f95ba034-FRA
expires
Fri, 31 May 2024 05:31:43 GMT
21408922.js
js.hs-analytics.net/analytics/1717133100000/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1717133100000/21408922.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2eb0ee045f93cc038c99471c2c626916d4f447731180976804b602f2fceb6a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
9Q23M0TSJS56WDXK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b7faf0b7-a9f6-4ad2-be54-fc5ea1a1707f
x-envoy-upstream-service-time
17
x-amz-id-2
QpxfZ0QUYqQkSIuvaJcHC6ABqsXMWUcGlKU/5EjDdVG6jQoUFkSXq6n5tlW5MtE2PUgrOwMTnXs=
x-evy-trace-listener
listener_https
x-request-id
b7faf0b7-a9f6-4ad2-be54-fc5ea1a1707f
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 30 May 2024 21:18:31 GMT
server
cloudflare
etag
W/"c41bb3e1b109a813de20086f8a3dcef5"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
88c48cf7f8be3825-FRA
expires
Fri, 31 May 2024 05:31:43 GMT
leadflows.js
js.hsleadflows.net/ 		551 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
63765
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=88be783419e49f1b-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
5c9d3204-b9cd-4b1b-98bf-f60bb10efd22
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
14
x-evy-trace-route-configuration
listener_https/all
x-request-id
5c9d3204-b9cd-4b1b-98bf-f60bb10efd22
last-modified
Thu, 30 May 2024 10:22:15 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray
88c48cf7f9241e3e-FRA
x-amz-cf-id
_r0VtH3iAKwlQcbtZxzkO_B8sMi0TfsSfTaL1oGTLpbvVOgkfGZorA==
conversations-embed.js
js.usemessages.com/ 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7755235e6fd90c353228253660808bc27547ea6b91c3eea7040a8405eb0d52f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
rIURKS2I3u1VQ08RLj5xryVj0tKN8o2V
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
91
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16486/bundles/project.js&cfRay=88c48abe7dc630c9-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
a2bb3619-5b1b-4d11-bfd4-47fa89d97f3e
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
5
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a2bb3619-5b1b-4d11-bfd4-47fa89d97f3e
last-modified
Wed, 29 May 2024 13:51:09 UTC
server
cloudflare
etag
W/"66bcf319c6c1d77e7149053f10f789a6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
cf-ray
88c48cf7ff271911-FRA
x-amz-cf-id
QyT0iBKC3ayhA5SF8sv3W8nC49AWYUXlMC2Zw6fmmmyaM7mURxMY0A==
x-hs-target-asset
conversations-embed/static-1.16486/bundles/project.js
feedbackweb-new.js
js.hubspotfeedback.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21408922.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4ffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eeb4b3151078f83671aa4024a45b3f6f1c6ff6f71e017af2337a1cb56d743c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-amz-version-id
Fw_3X3HEL5OYxyz44h5JKkNlW8YM.j8P
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7236b857-0b4f-4928-a947-971898e7f509
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.19555/bundles/popupInjector.js&cfRay=88c48cf809471d9c-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7236b857-0b4f-4928-a947-971898e7f509
last-modified
Thu, 16 May 2024 13:19:39 UTC
server
cloudflare
etag
W/"5d55924e5eac4637df8718ae2af8a572"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp
cf-ray
88c48cf809471d9c-FRA
x-amz-cf-id
wP-GcNm_U7Jp4azohaS_gnlSBRT4DP__I2y6oa_SMZFyVksyeQCF9A==
x-hs-target-asset
feedback-web-renderer-ui/static-1.19555/bundles/popupInjector.js
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21408922&conversations-embed=static-1.16486&mobile=false&messagesUtk=e526d9fd9e6d4916bbc415f0d99de1d3&traceId=e526d9fd9e6d4916bbc415f0d99de1d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://nucalm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://nucalm.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
88c48cf848765d44-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 31 May 2024 05:26:43 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLq194ODosHBjbILyO5XYovVO8zgBDK4n%2B9KnilH9EvLb33Vq7RDu4t4DGKZnOSZ0AvcTcOxMialCAogj8ywbbRtAOwz%2FlO%2BjrpeHt9oc38f7qmth7iPfxzx6WYB8UqUT51ofGm5B8qS6L33Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-zjk9m
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
45b05448-45ca-4f83-baa2-da9dd3f1b7af
x-request-id
45b05448-45ca-4f83-baa2-da9dd3f1b7af
public
api.hubspot.com/livechat-public/v1/message/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21408922&conversations-embed=static-1.16486&mobile=false&messagesUtk=e526d9fd9e6d4916bbc415f0d99de1d3&traceId=e526d9fd9e6d4916bbc415f0d99de1d3
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a34a749c4e8e26d70f0a5ddccc6b8b033892133bb2b9839f5f059629bccda16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://nucalm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
62dd7e97-22e6-4865-b952-289c0a3a8f82
x-envoy-upstream-service-time
58
content-length
1476
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
62dd7e97-22e6-4865-b952-289c0a3a8f82
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nucalm.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-mgjpg
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pd0mZ0f0IlcgUfTyka7LPv7q8ZuPFoOzVqd1NzfQ8iQwC3uuAM8O54SbeACDxiWeHfV1Scw0JhgNsUml7u0JVnlFLwZMkOx53VN%2FUmGJ%2BfvLwylH4FtzC5t7ZLG0E2VVjMJLaViJhOTe%2Bxzaew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
88c48cf928ee5d44-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		134 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21408922&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e0c45d82f95dfd6184da351d3eb9bfca70a4c51074d5f42e2256ff8e1b7b01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
17606011-1eed-49ec-aa0a-e34a973cd368
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
17606011-1eed-49ec-aa0a-e34a973cd368
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nucalm.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-ddwd7
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
88c48cf8ed5d3a5c-FRA
css2
fonts.googleapis.com/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/21408922/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 May 2024 05:03:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 May 2024 05:26:43 GMT
view
js.hs-banner.com/v2/activity/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/21408922/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-hubspot-correlation-id
fd50394e-bc8e-4c57-ac94-7333658fab89
x-envoy-upstream-service-time
21
x-evy-trace-route-configuration
listener_http/all, listener_https/all
x-evy-trace-listener
listener_http, listener_https
x-request-id
fd50394e-bc8e-4c57-ac94-7333658fab89
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host
all, all
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-5f998ff6dc-jvdln, iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin
https://nucalm.com
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
88c48cfac9269962-FRA
view
js.hs-banner.com/v2/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nucalm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://nucalm.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
88c48cfa18b19962-FRA
content-length
0
content-type
application/octet-stream
date
Fri, 31 May 2024 05:26:43 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
0
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
6e3c549a-2480-4f49-a8ae-c47715476acf
x-request-id
6e3c549a-2480-4f49-a8ae-c47715476acf
e526d9fd9e6d4916bbc415f0d99de1d3
app.hubspot.com/conversations-visitor/21408922/threads/utk/ Frame 7B09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/21408922/threads/utk/e526d9fd9e6d4916bbc415f0d99de1d3?uuid=23579b50dcc2487c8ef7e2a922690739&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=nucalm.com&inApp53=false&messagesUtk=e526d9fd9e6d4916bbc415f0d99de1d3&url=https%3A%2F%2Fnucalm.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nucalm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
false
age
2155
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
88c48cfabfbc9208-FRA
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18942/html/index.html&cfRay=88c48cfabfbc9208&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F21408922%2Fthreads%2Futk%2Fe526d9fd9e6d4916bbc415f0d99de1d3%3Fuuid%3D23579b50dcc2487c8ef7e2a922690739%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dnucalm.com%26inApp53%3Dfalse%26messagesUtk%3De526d9fd9e6d4916bbc415f0d99de1d3%26url%3Dhttps%253A%252F%252Fnucalm.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue&referrer=https%3A%2F%2Fnucalm.com%2F&cfenv=prod&pdt=2024-05-31&csp=ro
content-type
text/html; charset=utf-8
date
Fri, 31 May 2024 05:26:43 GMT
etag
W/"3db1e6ea7ad12b99b27e301adeca361c"
last-modified
Wed, 29 May 2024 13:51:09 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=88c48cfabfbc9208&resource=conversations-visitor-ui/static-1.18942/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-amz-cf-id
JIuv9N91p2o1H51j4qUDBxCc4qSV2cCRLoBq-n2ermxgzt8dMzXT-w==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
DKmXiQaRNF6d7XxIfV7fMiP44RSbc1Ty
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
5
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.18942/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
5e89b9a3-dcda-439f-9dde-2eaba286c53e
x-request-id
5e89b9a3-dcda-439f-9dde-2eaba286c53e
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:52:31 GMT
x-content-type-options
nosniff
age
225252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:52:31 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://nucalm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:38:09 GMT
x-content-type-options
nosniff
age
226114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:38:09 GMT
graph.Z9PWdalh.css
nucalm.com/_astro/ 		81 KB
388 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/_astro/graph.Z9PWdalh.css
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
020e91bc8b32368887cf9f346861d650073213b72f8c9f00cd4665249fa1b6f9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:43 GMT
content-encoding
gzip
cc-build-id
16636557
age
10447
cc-perf
hash-table=62;fetch-headers=23;t=101
cc-resolver
v3
cc-cache-group
default
content-length
14082
last-modified
Thu, 02 May 2024 17:38:25 GMT
server
nginx
etag
W/c8360a463c9189b44dcb8c450dfd48c2
cc-stable-domain
giant-dahlia.cloudvent.net
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
settings
cdn.segment.com/v1/projects/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1a82ec3d68b6ca9d158ae8d3906a2696c2b997a28d997ac2aefbd517bbc1903

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:45 GMT
x-amz-version-id
wOiuAN_qRqlkOKYDSMsOF9ANN.k3Gv7S
content-encoding
br
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 12:28:14 GMT
server
AmazonS3
etag
W/"f58a1197f9ca4c3f8e09a37279fbb7c0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
omvKBz8X5vENchpWNpCQVBuo_F77hEQ8W8ip1GIaIz2dXlaYbNG_pg==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:05:40 GMT
x-amz-version-id
1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3939665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Apr 2024 21:39:45 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
OpfrOS1W0DGm2sljBNbN9WZpq7Gnb85lDhHWAZmW_P1VEcHzX_h0lQ==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 21:44:05 GMT
x-amz-version-id
GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
9272560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 13 Feb 2024 18:05:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
Al7WjfjTDXlVsWFVFlzMzf8qq2SdCJSHByaQOtn1VCYVrM0zCgZhIg==
ff3d310be648837a8147.js
cdn.segment.com/next-integrations/actions/google-analytics-4-web/ 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/ff3d310be648837a8147.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54ebf3ab69e8304f214bddb9e150fdd5fd01e953a0d1c2a2d64cc423dad7e43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WxxjHce9TonVzbz3I.ynWv1McSbwOaDv
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Fri, 31 May 2024 00:54:15 GMT
x-amz-cf-pop
FRA6-C1
age
16350
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 22 May 2024 10:13:38 GMT
server
AmazonS3
etag
W/"76e452ba2329ae0ff3c21cd25f3a8411"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
FPcdicXwdHlUkfgYwXUpZmkgRhj373mZsIerHLn66xngkfBWHBlXRw==
f2b65540f91528301bda.js
cdn.segment.com/next-integrations/actions/845/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/845/f2b65540f91528301bda.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/ff3d310be648837a8147.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5eaa930a247f99415a6c4955d96dbba2cd93a3dc92b5f8d3ad5334a8526d807

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nIDy5slC9Qwp0UsYPEb8mzCwLdWdALMa
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 14:34:02 GMT
x-amz-cf-pop
FRA6-C1
age
53563
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 22 May 2024 10:13:36 GMT
server
AmazonS3
etag
W/"c99d6fae088cd5d0a0063eaa0d0d714f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
JFtOt0x_S6k7Hh0a8omSrsb0g8HOCNXGM0dBNLUliBweYh1cACg9IQ==
facebook-pixel.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 21:50:52 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id
73B4bUucoqQ.zop5Rb.39qMTDNo8ltid
x-amz-cf-pop
FRA6-C1
age
5470553
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3273
last-modified
Fri, 08 Mar 2024 07:35:29 GMT
server
AmazonS3
etag
"4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
bLDBJpxKNNHK9v7HiIq0zlbCrBuwIedQWtjV_sDxtzJqe4PKoNBq2w==
js
www.googletagmanager.com/gtag/ 		325 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N37C5T0590
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/845/f2b65540f91528301bda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e631174b7b29c826c2984a4b31698f426a86fca2cbb0dee8683c66b3c5041dca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108515
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 May 2024 05:26:44 GMT
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 10:56:48 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id
HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop
FRA6-C1
age
4991397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Fri, 08 Mar 2024 07:35:27 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
qpA27AAUwCuBedYzRLOLehR-ZCa_2yVRQCJFA_hHOvbs7QwmK0C7AQ==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 May 2024 05:26:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
rKpFQD0xmyOhp9+wWHD3kZWNfCq0vGQ7koMoRM9YJZfZb6pQ0c+TOzuNdl/i0Jzo5otCDlJUd7jGvHHdmgkEAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
268384407656434
connect.facebook.net/signals/config/ 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/268384407656434?v=2.9.156&r=stable&domain=nucalm.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6bd2b3b5816d7e2d1c3826c68e475d8aa447f7b2d0bca771875ddf3e980fe03d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 May 2024 05:26:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1294, tbw=63371, tp=-1, tpl=-1, uplat=71, ullat=0
pragma
public
x-fb-debug
5kDEHHq4lfu3Y1W4wn/PHuw09UmK2o1XXjmka08j6azVHeNAMrGXxiQZUhSxCRV61j/68QWUDS6Ysvei0J2rDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
p
api.segment.io/v1/ 		21 B
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/DUoG9ERlxKrVdhrHWO6RJnCWAadkPao7/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucalm.com
date
Fri, 31 May 2024 05:26:45 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=268384407656434&ev=PageView&dl=https%3A%2F%2Fnucalm.com%2F&rl=&if=false&ts=1717133205033&sw=1600&sh=1200&ud[external_id]=8874d3f896b3d98ec42f0da23179818f279ac74eb815263e6a655d95c608f38a&v=2.9.156&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1717133205028.997255067&cs_est=true&ler=empty&cdl=API_unavailable&it=1717133204934&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1717133204969-e3530597-9bf9-45ba-98dc-a2e0f48019bf&rqm=GET
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 May 2024 05:26:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=268384407656434&ev=PageView&dl=https%3A%2F%2Fnucalm.com%2F&rl=&if=false&ts=1717133205033&sw=1600&sh=1200&ud[external_id]=8874d3f896b3d98ec42f0da23179818f279ac74eb815263e6a655d95c608f38a&v=2.9.156&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1717133205028.997255067&cs_est=true&ler=empty&cdl=API_unavailable&it=1717133204934&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1717133204969-e3530597-9bf9-45ba-98dc-a2e0f48019bf&rqm=FGET
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdbaa7e5bc9136131","source_keys":["1","2"]},{"key_piece":"0xfec275c88a29a038","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 31 May 2024 05:26:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1294, tbw=3134, tp=-1, tpl=-1, uplat=162, ullat=0
pragma
no-cache
x-fb-debug
LNsXnKEFon8kRxrp4Lw4+PrUa9AbR+JQ5aPF+/un6T6LrcHL5XMSmbhscDMIDc99nGAhlZorvoEVHi/S1Aurrw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
feedback-web-fetcher
app.hubspot.com/ Frame 6343 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/feedback-web-fetcher
Requested by
Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nucalm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
58151
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
88c48d051d979208-FRA
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.19555/html/fetcher.html&cfRay=88c48d051d979208&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fnucalm.com%2F&cfenv=prod&pdt=2024-05-31&csp=ro
content-type
text/html; charset=utf-8
date
Fri, 31 May 2024 05:26:45 GMT
expires
Sat, 01 Jun 2024 05:26:45 GMT
last-modified
Thu, 16 May 2024 13:14:18 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=88c48d051d979208&resource=feedback-web-renderer-ui/static-1.19555/html/fetcher.html"
server
cloudflare
server-timing
cfr;desc=88c48d051d979208, d;desc="feedback-web-renderer-ui#7bfe20c1-d7b7-46f3-a539-ff6126b7661f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
x-amz-cf-id
Uqc_Boy7yzYClVXZVG7-_PDlm7gkbSaoLCX5P8hqcvioaKdiI9AzQg==
x-amz-cf-pop
AMS58-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
ixDbEtuL6PWCAmZi4QOhdcITzfyTzCu2
x-cache
Miss from cloudfront
x-content-type-options
no-sniff
x-hs-target-asset
feedback-web-renderer-ui/static-1.19555/html/fetcher.html
x-hs-worker-debug-mode
false
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=21408922&rcu=https%3A%2F%2Fnucalm.com%2F&pu=https%3A%2F%2Fnucalm.com%2F&t=NuCalm+Home+%7C+The+Ultimate+Solution+for+Stress+and+Sleep+Management&cts=1717133205287&rv=1&vi=455be39317ea4e9a488a0b3d706268d1&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4a74e2d4-64e2-40c9-8b67-d74c7e2049a6
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4a74e2d4-64e2-40c9-8b67-d74c7e2049a6
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56iBrfCNbmQM%2F%2F5a8O3tX2rqG%2FyGiR2PZTpI0O%2FsUbqbF19zBR6pF3Kt7SxOpPNq7SsvdI%2BkD9IeD63pgpHvlu57xBKNBlPzmfIP1CCuTWMib%2F9cL%2B8QnXs%2BaCtGoiH%2Fy7lmpVtzHbMbBTLAHvcT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9rddg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
88c48d054b2d2c73-FRA
x-robots-tag
none
partytown-sandbox-sw.html
nucalm.com/~partytown/ Frame DCAF 		31 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/~partytown/partytown-sandbox-sw.html?1717133205338
Requested by
Host: nucalm.com
URL: https://nucalm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c4a6310bc6e1ff26717197600db1257bc9c8a8b62a7ccf76f1ccaaa6ee99c2e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nucalm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store
content-type
text/html
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=21408922&currentUrl=https%3A%2F%2Fnucalm.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f566cc67a13c884e71ecc61ea94c4017b30eb5315a686214f63008ea5157626a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0c1ddb96-63ad-444d-8d7b-49ebfc3c2cf9
content-encoding
br
x-envoy-upstream-service-time
22
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0c1ddb96-63ad-444d-8d7b-49ebfc3c2cf9
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nucalm.com
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-md7fl
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVis4xEo6DwLY85W5rrsjOunlwpOSE2WDahbrWRDafo24FPqpb7GzkVypGeQjbrgAa8MtDMQmB3fERDaF89T80VvmqiHIUlvTs5PSXiqZEIYaVKnul7s7cGp%2Fb6AVbViG3UsmbW0VIWs%2BuEi3Btm"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
88c48d0588995d44-FRA
a2327055-fd59-4ff6-89d5-64bffb922fa3
https://nucalm.com/ Frame DCAF 		22 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nucalm.com/a2327055-fd59-4ff6-89d5-64bffb922fa3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb57447c8ee5371823a85a24f0f00d6f48ffcd33322184d35d9ab195287561a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
22826
Content-Type
text/javascript
favicon.ico
nucalm.com/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nucalm.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.8.178.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-178-132.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
179c6168ddf28bc65e09005a67bc56f93eccecd10187d7797b14c6debdb5a078

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nucalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 05:26:45 GMT
cc-build-id
16636557
age
10386
cc-perf
site-load=12;hash-table=55;fetch-headers=49;t=123
cc-resolver
v3
cc-cache-group
default
content-length
34494
last-modified
Thu, 09 Nov 2023 19:07:04 GMT
server
nginx
etag
99bf745dd5356543b4a05d49b9fd8646
cc-stable-domain
giant-dahlia.cloudvent.net
content-type
image/x-icon
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| fpr object| analytics object| partytown object| dataLayer object| FPROM boolean| fprom_loaded object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| __hsCollectedFormsDebug object| hsFeedback object| onHsFeedbackReady boolean| hsFeedbackLoaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| google-font-injected object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkDestination function| google-analytics-4-webDestination function| gtag undefined| _ptf object| facebook-pixelDeps function| facebook-pixelLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| facebook-pixelIntegration function| _fbq function| fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady boolean| _hstc_ran string| __hsUserToken object| hsCallsToActionsReady number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

8 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1436714984.502459506
.vimeo.com/ Name: __cf_bm
Value: S66rh5McFv8Wrl4saAUKOgWl5XbK2U8LwSL5LFX7DxA-1717133203-1.0.1.1-FIS2vcUfNAT2S5DwM49LL8jQ1YNqI25XnP5FQtnEHEv6EPCAVLp4nzKtC9fvTrtXrt54xCUZ3AwQlFltCm_cDg
.vimeo.com/ Name: _cfuvid
Value: Oh70qOjEmMkOc5TzptGO38E_DScy7RCf8TuQmqHZEfE-1717133203957-0.0.1.1-604800000
.nr-data.net/ Name: JSESSIONID
Value: 1c3b72f59ee2a67c
.nucalm.com/ Name: ajs_anonymous_id
Value: 6be35305-979b-4935-ba18-dca2e0f48019
.nucalm.com/ Name: _fbp
Value: fb.1.1717133205028.997255067
.hubspot.com/ Name: __cf_bm
Value: 6m3nheErtabp3D9OAUjvvHqpZUHGbpusnFv9M6XIs00-1717133214-1.0.1.1-TmDpVlNJgMEdSXEE2TmNLT8wUJss3ZeB5E2H2Jn5RLvxalRlQWNwCkh0yk__CG68BdbjnZPt2xRhqXJUpnWQbQ
.hubspot.com/ Name: _cfuvid
Value: Wta9DfMEtJoQ4MLawWWQy5gIXyDcSSTTggY34CLeAhk-1717133214756-0.0.1.1-604800000

36 Console Messages

Source Level URL
Text
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker verbose URL: https://script.hotjar.com/modules.7b6d7646601d8cd7fb5f.js(Line 3)
Message:
🐛 [safeNative] Unable to access property with name [bound btoa] from an IFrame context
worker verbose URL: https://script.hotjar.com/modules.7b6d7646601d8cd7fb5f.js(Line 3)
Message:
🐛 [safeNative] Unable to access property with name [bound atob] from an IFrame context
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucalm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
api.segment.io
app.hubspot.com
cdn.firstpromoter.com
cdn.segment.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.hubspotfeedback.com
js.usemessages.com
nucalm.com
player.vimeo.com
track.hubspot.com
www.facebook.com
www.googletagmanager.com

162.159.138.60
2600:9000:266e:e400:1e:b6b6:9ac0:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4f8e
2606:4700::6810:6ffe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6811:4ffa
2606:4700::6812:8d11
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.163.144.222
52.8.178.132
99.86.8.175
020e91bc8b32368887cf9f346861d650073213b72f8c9f00cd4665249fa1b6f9
0eeb4b3151078f83671aa4024a45b3f6f1c6ff6f71e017af2337a1cb56d743c0
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
179c6168ddf28bc65e09005a67bc56f93eccecd10187d7797b14c6debdb5a078
2c69091df95e78ad89d41a0b77399226d831f6175b34c22bf036a8fe62587b29
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
41a5e5272f32ab2b0620be9508d592bf8b712f0bb186ba5bca22cfd00eaa9646
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf
47725aab2ec4e8956b48e735c99b4589a04c00845d896d3e98c798d3caad2ac3
4a34a749c4e8e26d70f0a5ddccc6b8b033892133bb2b9839f5f059629bccda16
4c4a6310bc6e1ff26717197600db1257bc9c8a8b62a7ccf76f1ccaaa6ee99c2e
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
57f0ca38e630309721a8aae3e46708026059e22ba3c0a32173a93b00452928bc
5eb57447c8ee5371823a85a24f0f00d6f48ffcd33322184d35d9ab195287561a
65d07fc638a25c24977b896dfbc3ae24095710055d12b95176a455769f4b1305
69b38a454ebf8bd9ddbb7de619cb374a5f1d4039ad26d5033bc1952dc13efdcb
6bd2b3b5816d7e2d1c3826c68e475d8aa447f7b2d0bca771875ddf3e980fe03d
7755235e6fd90c353228253660808bc27547ea6b91c3eea7040a8405eb0d52f1
86be3b270f4ffbead4d9387bd0767014497bf2faaf2664b7779c94168e8bdbbc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9313a1d6329af4d8f77cc7b4e71558f72819682d8a3eef1b9d0d6201e24062fd
942645dad13df4b278069be1f693706b79f2e4b1c4fc1e32a9229f9a24f2ab85
9607ba6879a3fe4a65b4f1003c006ba1603dd1123a57a34fb9aacfd7033f4b18
993e692edee6daae1dac9fd2d41d17309ad39a099e9cc413c8c8f4d1638d77f4
a225069d5c6d019effe2e12b08e765dba7cc2d7da009f4780bb1f915eb564aab
a54ebf3ab69e8304f214bddb9e150fdd5fd01e953a0d1c2a2d64cc423dad7e43
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aab0d7d326bcada8b73bfc07bab62ecef6d8611dd8d969864a421adb62900807
ad87fb7bb276148b78bf98a4eedfe8f3c50da4b598abfc1750983d3d016553f9
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b5b50b745d7e4b3745a141239b560e4e4e927bac8e5500dc58b72531d463f86c
b6e777e59bb8a88f84cc8332a6d8c0db52d9b0947c85ab3983144b6681cb29c3
c1eaadd52a15979845a5bdcf22f9f2ff3b04c2b850dc4e36a01516892b093495
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c85ef5a42470edb148c32dc1c3c398ce149875f90f1d54c3903ee205d3e80f4a
c8cfedc252e6b03469c99e3903de95d7e3e742d2855c93d2d38bc6586f0ffe69
d16fb321316a5fc3f5bff62ebaa5bdca1b1bc1cfb532037a2930117980fd187b
d1a82ec3d68b6ca9d158ae8d3906a2696c2b997a28d997ac2aefbd517bbc1903
d2e480c15ddfc846f5236c73b467e46e4b9f9d48ea1863bf2c215b78619afad4
db2eb0ee045f93cc038c99471c2c626916d4f447731180976804b602f2fceb6a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eaa930a247f99415a6c4955d96dbba2cd93a3dc92b5f8d3ad5334a8526d807
e631174b7b29c826c2984a4b31698f426a86fca2cbb0dee8683c66b3c5041dca
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
efecd91237d67e404b31d17eee73232a75cb8c47640472e6bf0284830e5d023c
f06a63fe5914a4dba8a751a8d8ba21ef8bc692621cb63fb80efddacb3fba735e
f3e0c45d82f95dfd6184da351d3eb9bfca70a4c51074d5f42e2256ff8e1b7b01
f566cc67a13c884e71ecc61ea94c4017b30eb5315a686214f63008ea5157626a
fa39934f15d187f3fd0859f1379f1f3d67705cde3990a08a939652bd17f8c49e
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc