www.norcal-group.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.norcalmutual.com/
Effective URL:
https://www.norcal-group.com/
Submission: On July 12 via automatic, source certstream-suspicious (July 12th 2024, 4:35:24 pm UTC) — Scanned from DE

Summary HTTP 60 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 18 domains to perform 60 HTTP transactions. The main IP is 2606:2c40::c73c:67e4, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.norcal-group.com.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.

This is the only time www.norcal-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:2c40::c7... 2606:2c40::c73c:671c	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
18	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
10	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:5a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ae5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.1.167 151.101.1.167	54113 (FASTLY) (FASTLY)
3	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:afbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.48.219.66 169.48.219.66	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	18

1 2606:2c40::c73c:671c (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.norcalmutual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:2c40::c73c:67e4 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.norcal-group.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.norcal-group.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5a3e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.167 (San Francisco, United States)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

508142.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.48.219.66 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 42.db.30a9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	norcal-group.com www.norcal-group.com files.norcal-group.com	898 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 332	150 KB
6	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5364 js.hubspot.com — Cisco Umbrella Rank: 3865 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3922 track.hubspot.com — Cisco Umbrella Rank: 2271	28 KB
5	qualtrics.com zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 748	30 KB
3	hsforms.com forms-na1.hsforms.com — Cisco Umbrella Rank: 6802 perf-na1.hsforms.com — Cisco Umbrella Rank: 4164	2 KB
3	hubspotusercontent-na1.net 508142.fs1.hubspotusercontent-na1.net	16 KB
3	swiftypecdn.com s.swiftypecdn.com — Cisco Umbrella Rank: 12509	148 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	21 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2093	28 KB
1	google.de www.google.de — Cisco Umbrella Rank: 9452	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 133	258 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3541
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	97 KB
1	swiftype.com cc.swiftype.com — Cisco Umbrella Rank: 13495	279 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2118	24 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5460	5 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8318	2 KB
1	norcalmutual.com 1 redirects www.norcalmutual.com	912 B
60	18

	Domain	Requested by
17	www.norcal-group.com	www.norcal-group.com
10	cdn.cookielaw.org	www.norcal-group.com cdn.cookielaw.org
3	siteintercept.qualtrics.com	zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com siteintercept.qualtrics.com
3	track.hubspot.com
3	508142.fs1.hubspotusercontent-na1.net	www.norcal-group.com
3	s.swiftypecdn.com	www.norcal-group.com s.swiftypecdn.com
2	zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com	www.norcal-group.com
2	www.google-analytics.com	www.norcal-group.com www.google-analytics.com
2	forms-na1.hsforms.com	www.norcal-group.com
2	js.hs-banner.com	www.norcal-group.com js.hs-banner.com
1	www.google.de	www.norcal-group.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	perf-na1.hsforms.com	www.norcal-group.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	cc.swiftype.com	www.norcal-group.com
1	js.hubspot.com	www.norcal-group.com
1	js.hs-analytics.net	www.norcal-group.com
1	app.hubspot.com	www.norcal-group.com
1	files.norcal-group.com	www.norcal-group.com
1	static.hsappstatic.net	www.norcal-group.com
1	cdn2.hubspot.net	www.norcal-group.com
1	www.norcalmutual.com	1 redirects
60	24

This site contains links to these domains. Also see Links.

Domain
secure.proassurance.com
www.proassurance.com
proassurancegroup.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.norcal-group.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
hsappstatic.net E5	`2024-07-06` - `2024-10-04`	3 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
files.norcal-group.com WE1	`2024-06-16` - `2024-09-14`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.swiftype.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-17` - `2025-06-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.norcal-group.com/
Frame ID: 06B49BACF05164EA222F3D275B08CC68
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NORCAL Group - Medical Professional Liability Insurance

Page URL History Show full URLs

https://www.norcalmutual.com/ HTTP 301
https://www.norcal-group.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

100 %
HTTPS

83 %
IPv6

18
Domains

24
Subdomains

18
IPs

4
Countries

1517 kB
Transfer

3634 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.proassurance.com/?__hstc=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&__hssc=227165570.1.1720802118803&__hsfp=321484724
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.proassurance.com/contact-us/?__hstc=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&__hssc=227165570.1.1720802118803&__hsfp=321484724
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.proassurance.com/report-a-claim/?__hstc=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&__hssc=227165570.1.1720802118803&__hsfp=321484724
Title: Claims

Search URL Search Domain Scan URL

URL: https://proassurancegroup.com/privacy-policy?hsLang=en-us&__hstc=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&__hssc=227165570.1.1720802118803&__hsfp=321484724
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.norcalmutual.com/ HTTP 301
https://www.norcal-group.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.norcal-group.com/
Redirect Chain

https://www.norcalmutual.com/
https://www.norcal-group.com/

44 KB
11 KB

559ms
211ms

Document
text/html

2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

225f82a539996f3920a59e1f7788465df90e61ebd5178aa7119465892d31d4f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=7200,max-age=5
cache-tag: CT-3219156009,P-508142,L-3196151071,L-3232009710,L-6324497000,W-6324504461,E-2708901728,E-3209674544,E-3232009850,E-6321259971,MENU-6324504461,PGS-ALL,SW-4,GC-28646655332,GC-29135542951
cf-cache-status: HIT
cf-ray: 8a227211bc5e66e4-AMS
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 12 Jul 2024 16:35:17 GMT
edge-cache-tag: CT-3219156009,P-508142,L-3196151071,L-3232009710,L-6324497000,W-6324504461,E-2708901728,E-3209674544,E-3232009850,E-6321259971,MENU-6324504461,PGS-ALL,SW-4,GC-28646655332,GC-29135542951
last-modified: Fri, 12 Jul 2024 14:49:18 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQxx1Rf4uoBnTDAYnR3DbnAGWjL3n1Y83E3cH%2BW56kZQrkFcgs2WjdGVFAp6utCb8unfsn0e3HNRreJ9ZWSZM2P4OOIr5BMuvTgZpOXjG8PaZbKqxXBksZvrfYjcU3w0B1kJjP4%2Fi24eAlOrv2tJiKbe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 105
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-40-49-td/envoy-proxy-d54bc89fd-m7m2m
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id: 1e2e8f55-410c-4d11-b71e-a0526bdff7cc
x-hs-content-id: 3219156009
x-hs-hub-id: 508142
x-hubspot-correlation-id: 9664329d-4058-4ce3-bddb-dfb101995dfd
x-request-id: 9664329d-4058-4ce3-bddb-dfb101995dfd

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-ray: 8a22720f4e77b7d8-AMS
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 12 Jul 2024 16:35:17 GMT
location: https://www.norcal-group.com/
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eH7UTbg1Xh68xxnjVl4NrsGo4Xd4e4kEkQOuLDg7kCa2nddiJGIcT1qYtHUtqZ8yj%2Bco216lUFhgxI70xqCO%2BLyPA8Gik4r3t2ci6%2BD7A%2BaF4w9SyePb5t4CDJc7hJugc0eA4eAQjYIt3eHfvqtWt1jK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-mapping-id: 44209007244
x-hs-mapping-only-after-not-found: no
x-hs-prerendered: Tue, 09 Jul 2024 15:17:05 GMT
x-hs-route-prefix: http://www.norcalmutual.com

GET
H3 200 project.js Show response
www.norcal-group.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 118ms
116ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 8e938055f42c443f0a23b6c9d3d144d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 9797813
x-amz-cf-pop: LHR61-P2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Miss from cloudfront
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bue%2B6V3B4P5rI6Dfx9yxj5kuQUYBAb10zWE3xWf1LQpkMezeSMKd9B9wTPWBKYtsA1vVuFutWdAHrbcQo7kJGzjkUMTdc2g8UtQXSOJh64KTu0Lli7W5Gbc9YQaxX9pgSyWsIb0oekj9zE2fU55HNd3g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a2272133e2f66e4-AMS
x-amz-cf-id: rMCXmVl5WMW_c2c1aGUsDBiE8de_BYlXycxAa6-EWocCpygnDRtXTQ==
expires: Sat, 12 Jul 2025 16:35:17 GMT

GET
H3 200 project.js Show response
www.norcal-group.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 118ms
117ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 9adf50a068a92adaab58cf6a21118640.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 9585719
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgYUub3Jd%2BQnFW3YY4TIYHbA1PUevKaCOuJr5GT%2F6I4fDs4Qid5uiNJOgk5cSZnr0OfwwdmYHHT%2BjeXCikvSC9O%2BDAh3fWuP%2BwuQ2c3aWeZEHz0a2S5Ii8IUl8%2BjfFk2o7UudOfdbeeSxxKnzImuAj2C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a2272133e3866e4-AMS
x-amz-cf-id: wpV40ddnJLVAvF4asKmU2ms3HdkihaaK5YkoTdbjgNvnKFU_g51jAQ==
expires: Sat, 12 Jul 2025 16:35:17 GMT

GET
H3 200 v2.js Show response
www.norcal-group.com/_hcms/forms/ 482 KB
160 KB 74ms
73ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 575
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=8a22640723139718-AMS
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 14c4ec9b-b812-454a-88d7-245b914a9a19
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 14c4ec9b-b812-454a-88d7-245b914a9a19
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2XVW1nbClsd0auxP9OhvY4tsa7oG5sBADfaNn9590IEoCZxy%2Bpg%2BYliaEzqK1BONQFVgxB%2Bx8kPy6Qz6wTXFY11qscsRRlwA%2F0QqXlu9UFNePHsOZgB017l5nF8Egl9l9JtV71X2YR0YzL2pjJWSW24"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-wf75s
cf-ray: 8a2272133e3c66e4-AMS
x-amz-cf-id: Pp4IY7kdK9IvewyeXk0Z00FsqN5xqA6z8YAFfqq87LQqzPSvxINjJA==

GET
H3 200 jquery-1.11.2.js Show response
www.norcal-group.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
33 KB 145ms
144ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 cb6a2c71695f851967f08ee8b2defc0c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 10453953
x-amz-cf-pop: AMS58-P5
content-security-policy: upgrade-insecure-requests
x-cache: RefreshHit from cloudfront
x-amz-version-id: null
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBz19xKeP85nBc6rH0tqSLs3lFPyAXjdMPBaLyVTa8u4%2F1ie43VmtyfxBrFbBWHPPIz1dpktkigKvnRITierYWQAJ29u6wafT0%2Fj7IPdDVNA%2FuQmHCxDhdZhn7R7qIREtctDrJIK3w3PcyX0o5oswEo4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a2272133e3f66e4-AMS
x-amz-cf-id: 5m0Z5v3nqjxqwdJsMI6-9WvAJ7o3lWNyn0jVNtOfVic5Th6Tk5ohuw==
expires: Sat, 12 Jul 2025 16:35:17 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 58ms
28ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XOljGHrVMK6J8mT+Nl48OQ==
age: 3622
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 11 Jul 2024 19:23:47 GMT
server: cloudflare
etag: 0x8DCA1DEFD071E30
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d82a3e46-c01e-005e-56f3-d36089000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a2272135b5a0bb3-AMS

GET
H3 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1720792622977/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 62ms
35ms Stylesheet
text/css 2606:4700::6812:5a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1720792622977/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 9459
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fda5882b24ca5a84d04d090722dc713b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1720792623616
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 8b9cb13d-8f7d-40f6-8cee-35643aba25ef
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 163
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8b9cb13d-8f7d-40f6-8cee-35643aba25ef
last-modified: Fri, 12 Jul 2024 13:57:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4U6XjJpuoX9KSeW%2F%2BiRNJJj9FubeF4%2BgX%2F%2BxOewikZrDabKNOZOJIxTY4hhohwyyceJyeH8zFI8QnY1SnpipMw0zahql4adbpFe7y1ZCW%2FJdbruZ3qHvp1EjXK4rcV%2FSfqaTMwOJE5CBrxNM1Y%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-g67cx
cf-ray: 8a2272135fa541d4-AMS
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 Norcal_Mutual_Aug2015-style.css
www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/3232009850/1588706221898/Coded_files/Custom/page/Norcal_Mutual_Aug2015-theme/ 500 KB
304 KB 183ms
182ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/3232009850/1588706221898/Coded_files/Custom/page/Norcal_Mutual_Aug2015-theme/Norcal_Mutual_Aug2015-style.css

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61402f3da6c023f462dd4c9c3f7676cb4e56fcbee4e875fdfd339dc3111b0d8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: B7TJVJGN5DDJDWR3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"1b51d0b4a327ef49a3359ef2ce90958a"
vary: origin, Accept-Encoding
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: c3021787-1595-4d5a-9d27-5c671af18eb4
x-amz-version-id: 566LgJgKc5U_.OYbjkFH6U62N7dhbJKA
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 283
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uAd5fT/Kz75DP2KxE2iE0MiN5gWb6C1pAKSP02SIok/LOiaSoGNYRZT5FdM9wV1sqFfwExQdiMo=
x-request-id: c3021787-1595-4d5a-9d27-5c671af18eb4
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 05 May 2020 19:17:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FNXilz9Gm0ECnpwRKoTq1GDgZWtcFcX5hDiFn9UDPQs7dypW1AiZyLDpdjZhQnWHuqQzfKKw4PGKyfMf2BZ5hMao8mCdWBgwSPd7LKfv%2FV2sq3kuctGEZh6UY6LNpp2gSEjKF3xn0zyEL%2Fgt%2BxnAk96"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a2272133e4166e4-AMS
timing-allow-origin: www.norcal-group.com
x-amz-cf-id: mY5bjVcthBRhGJTvszPZFDLpFFsMP5_AVkSaELbYFBHqj2uu-ACp6w==

GET
H3 200 NGX-Style.css
www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/ 501 KB
304 KB 75ms
74ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/NGX-Style.css

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

801cba7466df0e6bf3e389d72214892f10888bd353f7ba17d05b692d703c7d07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1658
x-amz-request-id: EANWH2W9H4EV7B0M
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a8fb3b668ffc075498acf6d5e92436f2"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681305992872
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: 8dyyphaUNZ4KHYwi9YE6ZqSlTLv_s3DR
x-cache: Miss from cloudfront
x-hubspot-correlation-id: a8a0bd20-57f4-493f-96d9-2ee0b3a0e77f
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 297
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4HEQ7tie1SkxxSWZnmblg3ybIX+aNGHCprQmR/Zju+VYqu+0qwuOaF3TpECMK2jl6WrbXKYyXFA=
x-evy-trace-route-configuration: listener_https/all
x-request-id: a8a0bd20-57f4-493f-96d9-2ee0b3a0e77f
last-modified: Wed, 12 Apr 2023 13:26:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nl04ErI9fMfffaMCG9IviNtQfPot6xNBi7symHK4RRoXn6jJjsWiIcv9SCEikvoukFovrDMqY5Ny9mXvWMZcrzdi4X2bKhslvDugNKCCZQkMs%2F93PmGADY1894Q5ZzjqcBoarnUUQtettZkltgcdiPVG"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a2272133e4466e4-AMS
timing-allow-origin: www.norcal-group.com
x-amz-cf-id: F1f_7E5iq2w-aG4cQD-pSYpAou9hOvWMjieJE9l1_4ee0-lB15trMA==

GET
H3 200 MicrosoftTeams-image%20(60).png
www.norcal-group.com/hs-fs/hubfs/ 43 KB
44 KB 168ms
167ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norcal-group.com/hs-fs/hubfs/MicrosoftTeams-image%20(60).png?width=3000&height=1000&name=MicrosoftTeams-image%20(60).png

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8b8cb05883e7c128c484dcb07666418952ed647847fdace2e8e9a22dc2f2ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-106932002079,P-508142,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 43944
cf-resized: internal=ok/m q=0 n=807+0 c=172+594 v=2024.6.0 l=43944
last-modified: Fri, 17 Mar 2023 14:45:32 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfCZ_imAYGcp6sMsrfP_UwAPwYECMCGdjzXPC_Yl0cDQ:9fff16da7a4d31e24ade9734bd7c35d3"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ogJ%2Bo7XPsHx1k6FA1Zn3cQZM1DCxZsNom75YzonkURo1l%2F3ouTpANk6sqQxz2lkNB4vfscWQ38faq2F3LIu935nnyc9mwnG7jEjf8sbH2OxYabP7MhTniLTI5kHaFtgMzktqj56aacWCmrPEiwAE6IU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a2272133e4666e4-AMS
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 graphic_am-best.png
www.norcal-group.com/hubfs/Norcal_Mutual_Images/ 5 KB
6 KB 242ms
242ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norcal-group.com/hubfs/Norcal_Mutual_Images/graphic_am-best.png

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

178f8b05706c1bd47a1ba31264194f9a86c2324d7f3f387eb76d25407cab5b13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-3238580393,P-508142,FLS-ALL
age: 6325
x-amz-request-id: GV2RDYRF7TAWBG1F
edge-cache-tag: F-3238580393,P-508142,FLS-ALL
content-disposition: inline; filename="graphic_am-best.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "c6a44a8f8c06135751107c3f5e3ba7a9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1uigCEx7rK5LVSy6ZnJJsyIx5x8Gqju0
x-amz-cf-pop: AMS1-C1
cf-polished: origFmt=png, origSize=5811
x-cache: RefreshHit from cloudfront
cache-tag: F-3238580393,P-508142,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 4800
x-amz-id-2: i9x9qlzruQCXj9Z4EArKjWqZVX366wkmWMNX+gmnk1DwUHVZxU8iC6/PXP6VTBHrbTDsMRVA6g8=
last-modified: Fri, 06 Oct 2017 02:59:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxhzmu0CLR3zrUAU78LHp08X79Q7K6BHP%2BFZbhjQ0WVEOmnm8fPGPBA3QGzlpAAgYj0%2BnNGeJ4JgnZfQQoSiMBFnG77zu0PpOPsGAExqFV6C4HT02i9e0NdD98Cv37eyHEtu3id0jUDaJw%2F8ZtE5Lvub"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a2272133e4a66e4-AMS
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: XcTKjXELDnRN4sHn-Cic0bRfEOYeeR7vUAOQ0OhoXy2rGZ4x1MWsRQ==

GET
H3 200 Norcal_Mutual_Aug2015-main.min.js Show response
www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/3209674544/1588706220533/Coded_files/Custom/page/Norcal_Mutual_Aug2015-theme/ 4 KB
2 KB 46ms
45ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/3209674544/1588706220533/Coded_files/Custom/page/Norcal_Mutual_Aug2015-theme/Norcal_Mutual_Aug2015-main.min.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9469b5b39e9db3ab9f5212925dff57bbbe70e9b43672a3037ae98980098069

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1658
x-amz-request-id: SYT998ZBSXB66JNX
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"5bc5c3997b3ae9265f883a142b911f15"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gHikRzit1mh5mw2NGBtLxnicWZkGl_zg
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: cb857ee5-d4a5-4ec8-8122-02b9dff94c9c
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: N7/4o+3Wb2Z+Nn8do7haf+C8PknN/0jlPC7gkdvncPX+MAhT2v+aEeXXbAQGNqg7qaUmqBNMBdo0usNQS2CZTQ==
x-request-id: cb857ee5-d4a5-4ec8-8122-02b9dff94c9c
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 05 May 2020 19:17:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LAgn8zq2fOQoIMTh51vOTjrtd7HRVTdEiUwG4Y2sGgUZrhWOy0ialvGv42OIOGIzw090sutgPOGj%2FrTsE3ak3ClUGj7jlqYYHHzREwYyKGyFXKwHsztrkaSQSNIuJNnBlclh56tnH2xbMOtfiaL9OMMf"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8a2272144f8566e4-AMS
timing-allow-origin: www.norcal-group.com
x-amz-cf-id: 3avuxTIv8SE5O9zCaisqei7mbkD5MIGa59AHumOLZL5_dNBsdw5rgg==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 145ms
33ms Script
application/javascript 2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P5
age: 774280
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRpLthGFBSCk1DcKM5bP7IcuE6OuuZKmhmyQRxHYR4lbT4QR1bqxPnkIuIMlF5xJCGdSBqxmrZ4a%2FLRI%2BcRtVA0puNeYir2YclXJWR3PlR2lzSF7KtljulZQtf%2FO5OjGrNJhjVKs6lL4zuj1Tr%2Bh1AeL1Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a22721559c05c37-AMS
x-amz-cf-id: Jv6QeL5RyhGpE7inAlsnseUUIh-gRTOQaFiKEoBSVLeHxSEEVC393w==
expires: Sat, 12 Jul 2025 16:35:17 GMT

GET
H3 200 508142.js Show response
www.norcal-group.com/hs/scriptloader/ 1 KB
1 KB 176ms
175ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs/scriptloader/508142.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a9f8df54ad46eef8767334e4241b2811c8ca41efec4a98b4aa4860d7464aa8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 67eac8a5-395b-4aa6-91b7-3e78959c1ebe
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 616
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 67eac8a5-395b-4aa6-91b7-3e78959c1ebe
last-modified: Fri, 12 Jul 2024 16:07:39 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.norcal-group.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-zqnx6
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iylvrjx4%2BAq4AaMTd1WwRTSIBungPjNPrzopcdD7PJuYru4eX93dhEK9LbUyunizeynn9k9CDsdANCwn%2BUwXGpWsmAq1HtENcNisNYDSuXxLXFX060VRIDqZSVQoMoxA3IlW5cvx7Fl%2FsKkQwBIp1Z6%2B"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a227214afde66e4-AMS
expires: Fri, 12 Jul 2024 16:36:48 GMT

GET
H3 200 index.js Show response
www.norcal-group.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 57ms
56ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 ffde4ac468ae53bebcf62edbe5888ab6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 9850898
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Miss from cloudfront
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: cloudflare
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J4ROyy2YfSZ0n9IxLoGJkODZ3hs9vjslObe7Vddcj%2BqbPmhEkUflbcSDiBsvMJAO2fNbOQxcTVZkIDRj9CwFjZqI28ojeBVt2Z3VCH4sm%2BAanYgH2yO47JGaVpZhCJBmsuO%2Fr%2Fp5xYKcMkCOxYlnkQs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a227214afe066e4-AMS
x-amz-cf-id: lLrg7GphaXEheMpwo91_hb4ZjYzzc4w0-ELg5b00ehkQ5U8e7j6sUw==
expires: Sat, 12 Jul 2025 16:35:17 GMT

GET
H3 200 Norcalmutual-April2015-main.min.js Show response
www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/2708901728/1588706220478/Coded_files/Custom/page/Norcalmutual-April2015-theme/ 1 KB
2 KB 101ms
100ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/2708901728/1588706220478/Coded_files/Custom/page/Norcalmutual-April2015-theme/Norcalmutual-April2015-main.min.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed8e0a5345276065984682a99fbec4b23aec5de541446a1133633e4fdb52eea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1658
x-amz-request-id: 8KNWQAE6ZPC87NBQ
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"060dbab746e3d51111424f9ab03c5cfb"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JNCA44IQU_dQZX8u7qkYGsb94Txl4.YN
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: ae502ff3-0ad4-4d8c-abdb-587266ded0c5
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kuJqKlYUKKE0Dd3qJEz4D7qaGjnIr/BCi4Wr9mUuLoaQ3temxJlh/kB6w4mKkUe7C4EfK/HOtMGcjKKgiLPaOkNKGHFbSekle3xuMFnNxcc=
x-request-id: ae502ff3-0ad4-4d8c-abdb-587266ded0c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 05 May 2020 19:17:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7ZyfEA4NksoO1sZSEoharZeXpwQIzVD1HGuiol6EPZLV%2BCNFW28PszM%2BSM%2FNYdnJmqwt0JF2kF81M%2FzFG7bzfTSJfukHrKtZT52cTiiQhLIw%2F2k%2Fvw7yizR5kLK7woENfWqKO%2FG84nyLU0Ili7oCrEz"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a227214afdd66e4-AMS
timing-allow-origin: www.norcal-group.com
x-amz-cf-id: -vxKVo7SJRr_W5LVzkQPmqxeFFbWz0FZTIlhGUd754BAD5aMtmnoLQ==

GET
H2 200 dcc43b92-d1b9-43ad-8f0c-77f2edab659a.json Show response
cdn.cookielaw.org/consent/dcc43b92-d1b9-43ad-8f0c-77f2edab659a/ 3 KB
2 KB 59ms
32ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dcc43b92-d1b9-43ad-8f0c-77f2edab659a/dcc43b92-d1b9-43ad-8f0c-77f2edab659a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e0b99baccbc816cf65dffbb183c84906b949f9dc1bd3f876fb87e0f76d1173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1658
content-md5: b1dcGESsRptfRhXeV6B29A==
content-length: 1446
x-ms-lease-status: unlocked
last-modified: Wed, 22 Mar 2023 19:29:05 GMT
server: cloudflare
etag: 0x8DB2B0BB30D2DEB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c1a69d48-801e-00d1-7f6f-cc2ed5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a2272147d679fa8-AMS
expires: Sat, 13 Jul 2024 16:35:17 GMT

GET
H2 200 st.js Show response
s.swiftypecdn.com/install/v2/ 416 KB
110 KB 125ms
15ms Script
text/javascript 151.101.1.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.167 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220058-FRA
date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 varnish
age: 9
x-timer: S1720802118.967103,VS0,VE1
etag: "644bc37d-1b6c6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300, public, max-age=300, public
accept-ranges: bytes
content-length: 112326
x-cache-hits: 1

GET
H3 200 PRA%20Green%20banner.png
files.norcal-group.com/hubfs/Website/NG%20Home%202023/ 5 KB
7 KB 651ms
68ms Image
image/png 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.norcal-group.com/hubfs/Website/NG%20Home%202023/PRA%20Green%20banner.png

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/NGX-Style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

791b7515bd123a34f25953abc2ec1b8e6a926458e2083330ed90c27c12983289

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-105623324080,FD-105462269556,P-508142,FLS-ALL
age: 6324
x-amz-request-id: KR4H1MQB5A1KCTBA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105623324080,FD-105462269556,P-508142,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e6aab334d5ee4f59b08a775edecfcc28"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678294482170
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vEJjGvddRCSt5ZnYRf.Dt57yZYeWUWot
x-amz-cf-pop: AMS1-C1
x-hs-alternate-content-type: text/plain
cf-polished: origSize=11859, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-105623324080,FD-105462269556,P-508142,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 5483
x-amz-id-2: Tg2q2ucVm1Cxx3MH8mEeNBa0ItAe8Q/H/A0+qtSrLvWeLt3u6eSx6LyUVsITvS+JkEe3BBSvEEc=
last-modified: Wed, 08 Mar 2023 16:55:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTGJRKhdgqUVIhpIoSOnz%2B5Gu7BoQi3FhBLQ1%2FMN%2BLPRxiaEi4T8QMhdlMCKSY4iE8tSo9dsdlVXQVzqItvKoHYDUKKz7V63R3bKFPC8oa2TerQFaetZgfC2Pfx4bEPlxzNV95FVMpjF5Fc8bc2yQY%2Fn%2FkY%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a2272184e530e08-AMS
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: TJbmCJGPjbst_WQfCH-uKXkNSv-ul7SFtjjvz7FOe8JtdSl2RoXP_A==

GET
H2 200 bullet_orange.png
508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Website/ 74 B
976 B 168ms
62ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Website/bullet_orange.png
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/NGX-Style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f826282f1a8d40c54d44c67de9cf264b9de0186e435f11b471c3e95fbb4c21

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-3931312341,FD-3238580373,P-508142,FLS-ALL
x-amz-version-id: hrMyJKKvWfGo5ti6Ml4dQ0be_jg7g9Vr
age: 6324
x-amz-cf-pop: AMS1-C1
cf-polished: origFmt=png, origSize=103
x-amz-request-id: H6V3BGR0VYX6ME56
edge-cache-tag: F-3931312341,FD-3238580373,P-508142,FLS-ALL
cache-tag: F-3931312341,FD-3238580373,P-508142,FLS-ALL
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="bullet_orange.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
content-length: 74
x-amz-id-2: iNAAl7MpjsC93WqnysJJw//FF78cRrJFqxInR/PhYYcqb4D+9Coyk+yx0pimKqxnf85xbdzrhqs=
last-modified: Sun, 14 Oct 2018 20:18:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b1c27e596d979e523607f0267011b964"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a2272155a5f65ff-AMS
timing-allow-origin: 508142.fs1.hubspotusercontent-na1.net
x-amz-cf-id: EqC7kxjlDJBwWJNsnxGKpRmXilF3E5-S9MRB4RswrWmyLagUU6trMg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1001a9bc1080018e46359b73ed1fcdfdd0cfd966eacc63b1b4a4b1bfcd81f104

Request headers

Referer
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 1436457411.woff
508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Fonts/ 14 KB
14 KB 199ms
105ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Fonts/1436457411.woff
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/NGX-Style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce3a3bb40fd10649c6d6d7eca68d794ba9b596a6a53609d53148f55eab6c124

Request headers

Referer: https://www.norcal-group.com/
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-3213177794,P-508142,FLS-ALL
x-amz-version-id: cpljeWc9ZBtN0w5feL9MfoXEg3eL06Gt
age: 853249
x-amz-cf-pop: AMS1-C1
x-amz-request-id: MB8AM8X9PDE9HJAJ
edge-cache-tag: F-3213177794,P-508142,FLS-ALL
cache-tag: F-3213177794,P-508142,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: mN9AKKtHZvPTx3R1tL/dJOy7nZD5xlFJs2AQaolNdIkeMtRSyOtA7e1cHtIVIBnC5jFX/ai4kh4=
last-modified: Fri, 06 Oct 2017 02:59:15 GMT
server: cloudflare
etag: W/"d77e326176c3cef4a500b419f9514f0b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8a227215589b0b5c-AMS
timing-allow-origin: 508142.fs1.hubspotusercontent-na1.net
x-amz-cf-id: A52LSj9PobP_h8B2nne_IgvfDPYyAmUHJsQh_5YV-Sjf9PDfjDLxfg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f093f201dbf00e09264e40b0440246f78e99735d2e2615a1734365a4e5dd4ba8

Request headers

Referer
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b9262e72023835f25c64460a568d1ce8e7f92d75c0cceb9b031af3205604dd

Request headers

Referer
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ae736ab49ff32551f986c1f3d5fd240f44a9f0e9544ec7689842667008245b0

Request headers

Referer
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3 200 PRA-MMI-Logo%C2%AE-RGB.webp
www.norcal-group.com/hs-fs/hubfs/ 4 KB
5 KB 107ms
107ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norcal-group.com/hs-fs/hubfs/PRA-MMI-Logo%C2%AE-RGB.webp?width=234&height=46&name=PRA-MMI-Logo%C2%AE-RGB.webp

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2009330b44a7e80724b1358435dbc6ccbb854a5c80a5d3f5b18607bdcae14245

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-172511936319,P-508142,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 4214
cf-resized: internal=ok/m q=0 n=787+0 c=1+7 v=2024.6.0 l=4214
last-modified: Tue, 09 Jul 2024 16:19:28 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfBuDwMYVE2aUyVbuQrlctCL7POimljMfXfC1tX_-yDQ:1a998df5058175619a9c33929687c760"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGmkLjDEweS6o0DbFkPnDQaHDpHFZlVzXqQTgFknmhx3AAmSxyKvd0gjpIIUdecB11TG7qdPmRrh4UaUm8rXEesx%2F5zpsopAOo2BxiOsxrkSsIvYP1jCEUqHQ33spuA1L35NF%2BE1zLCpSacXGKVbu50V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a227214bffa66e4-AMS
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202302.1.0/ 405 KB
98 KB 28ms
28ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +3NcDg7IRUqn5oCiPaN6Hg==
age: 81590
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99858
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:12 GMT
server: cloudflare
etag: 0x8DB211B3FF3862E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 276d37c8-b01e-0058-5632-0de1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a227214dd380bb3-AMS

GET
H3 200 json Show response
www.norcal-group.com/_hcms/forms/embed/v3/form/508142/50f69899-f5c4-494a-a36c-853abf4b471a/ 26 KB
6 KB 170ms
170ms XHR
application/json 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/_hcms/forms/embed/v3/form/508142/50f69899-f5c4-494a-a36c-853abf4b471a/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

44edc35a3ba2b387c2963170e7ba17c4f17c87eb1af9d70578360b7beadee2f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5c3726bf-98d3-4bbe-bdad-1b04d3b99dfd
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 29
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5c3726bf-98d3-4bbe-bdad-1b04d3b99dfd
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-k2t78
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDklXyyDZ3Zlo5Ln9cU8HMTwIIx88yW0BDgZAy6pgI05npUl8b%2FMPQwN6wPDGTl6Nx1QhwK%2Fk2kWr1Tj0ldSMr%2FtQTITVdA3HTrLysr33M58RneiNIyTdJDM9R%2FpG0cGtiFwd2kz%2BWNv9i8QgmPUyptR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a227214e82966e4-AMS
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/dcc43b92-d1b9-43ad-8f0c-77f2edab659a/30f274ed-20cd-4ac5-b962-f0afb5d2e3d5/ 90 KB
16 KB 36ms
35ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dcc43b92-d1b9-43ad-8f0c-77f2edab659a/30f274ed-20cd-4ac5-b962-f0afb5d2e3d5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39de22a33f719a8157f2d84d05dd987510d132cf4ddd22811f88de3d35429112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1658
content-md5: s3pNOy3vah3M+dFCxswvHA==
content-length: 16642
x-ms-lease-status: unlocked
last-modified: Wed, 22 Mar 2023 19:29:06 GMT
server: cloudflare
etag: 0x8DB2B0BB3EB87C9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4d7a4912-101e-0051-7667-79a40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a2272155e5d9fa8-AMS
expires: Sat, 13 Jul 2024 16:35:17 GMT

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 261ms
216ms XHR
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=508142

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e838924e-9ebf-451f-97ee-23cd1565c240
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8a227215ea56b98c&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: e838924e-9ebf-451f-97ee-23cd1565c240
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.norcal-group.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-zrgzf
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8a227215ea56b98c-AMS

GET
H3 404 undefined
www.norcal-group.com/ 3 KB
3 KB 307ms
302ms Image
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norcal-group.com/undefined

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

082fd9e509f609d3be9fab0a6161ab4c94341147ab2d1e42d9aaca2d67954e04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a6cf29e4-3b2d-4be6-abb5-365c8c41437e
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 103
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a6cf29e4-3b2d-4be6-abb5-365c8c41437e
x-hs-reason: No view mapper found to handle request
server: cloudflare
vary: origin, Accept-Encoding
x-hubspot-notfound: true
content-type: text/html;charset=utf-8
x-evy-trace-served-by-pod: iad02/cms-40-49-td/envoy-proxy-d54bc89fd-czxbc
x-evy-trace-virtual-host: all
cache-control: s-maxage=5,max-age=5
access-control-allow-credentials: false
x-hs-prerendered-error: Tue, 09 Jul 2024 16:34:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBJPCHP%2FH0PWs5JzdYiLQwzABBhnFP%2BsaLIn5Mc5jmimPKQUATFb2h0xJ6u3O8opnZETEjUNi8OQ1%2Fx4WEhfembuRqZqSsbDObpGflWuyakO2DrToDN%2Bel508XmpEl8lEQwNPndKtQvD4kyzxG1whe5Q"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a227215b9b066e4-AMS

GET
H2 200 YoEqw_wa7azjsGzUW9s1.json Show response
s.swiftypecdn.com/install/v2/config/ 18 KB
5 KB 23ms
8ms XHR
application/json 151.101.1.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/YoEqw_wa7azjsGzUW9s1.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.167 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e73156fe6c2d94ced522b83087e4ab586a255979bc4f74b230f3df13fa92ea96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish
x-permitted-cross-domain-policies: none
age: 26
x-cache: HIT
content-length: 4081
x-xss-protection: 1; mode=block
x-request-id: 22cf19bb709b9771761f339f1bbe5ca8
x-served-by: cache-fra-etou8220082-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 05 May 2020 21:47:11 GMT
x-timer: S1720802118.059097,VS0,VE1
etag: W/"5bfe474e277bb042392726d219bf95e8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 508142.js Show response
js.hs-analytics.net/analytics/1720802100000/ 68 KB
24 KB 171ms
137ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1720802100000/508142.js
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs/scriptloader/508142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec59a61ed4a3dd0906ce19c96e432f5bec8cf1403dbda5ad3590a415f78a08b

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: B70QYQBPREHZ1MA0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1d680036-4f50-4599-849d-9aaa310ddb2c
x-envoy-upstream-service-time: 20
x-amz-id-2: AqxEilxctUef3f+PdY9Jd8ptHqD/hepEGol2/T3Dr+OnH7p4a3S+bNWGjU2EsdSARakNr6gqeao=
x-evy-trace-listener: listener_https
x-request-id: 1d680036-4f50-4599-849d-9aaa310ddb2c
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 Jul 2024 17:50:37 GMT
server: cloudflare
etag: W/"b4564099a78407f96c2a9f0c7474f7e3"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a2272160e895c39-AMS
expires: Fri, 12 Jul 2024 16:40:18 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 162ms
128ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs/scriptloader/508142.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
Origin: https://www.norcal-group.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1232/bundles/project.js&cfRay=8a22721608a11c99-AMS
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a72ef6dcb4ff7248d922f14d4297ff6d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1232/bundles/project.js
date: Fri, 12 Jul 2024 16:35:18 GMT
x-amz-version-id: VlZofOO6XLIMBEw0GCyKL1V6eti3_6c2
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 0892601a-94f3-4192-9029-2ee5b73f575f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0892601a-94f3-4192-9029-2ee5b73f575f
last-modified: Wed, 10 Jul 2024 15:31:47 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B311r7sWcMagmBlAMTL0VSXYI%2BHWg3FCu8sG0EucYEkcaMQBp%2FXjGjvAETId%2BN8cYIOMyeumqy32QlmBLuRVinY7vI%2Fctavjviw3uy%2B133iDNKxOrbAwP2hYXa3s0CXlo7kxO%2BpkXPuZ9lgE"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-5s6qd
cf-ray: 8a22721608a11c99-AMS
x-amz-cf-id: 0j6jrizmMytzPZ-WwTqo5oX_OJt6Tf0Yuc_uxG0oiZQF5PdfCvNrnA==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/508142/ 79 KB
28 KB 338ms
304ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/508142/banner.js
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs/scriptloader/508142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c693870343ee93d3aae787fcd36f0d0fb119e0a281908856a933f9cfadc423

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
x-amz-version-id: u2n92Kv4.c98B4itfHj0PhW5jp2pG55i
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 5XBNW9Q5YY7BHPV5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 19df6c5b-3426-48ff-b151-4cd4b212311a
x-envoy-upstream-service-time: 48
x-amz-id-2: UupCvfXByNSThfIQpqzWBczsYhaKpd0y2vneDDeLULTtUWDAIHe5AroOtJYUAwO7+48FF41sZJ6MnSRIqDWwjsTMOFefp/iH
x-evy-trace-listener: listener_https
x-request-id: 19df6c5b-3426-48ff-b151-4cd4b212311a
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Jun 2024 12:39:45 GMT
server: cloudflare
etag: W/"4d41722b8ec32677a28feab2f6f4953e"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.norcal-group.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-762px
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a2272160d009f8e-AMS
expires: Fri, 12 Jul 2024 16:40:18 GMT

GET
H2 200 new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
s.swiftypecdn.com/assets/ 89 KB
33 KB 9ms
8ms Stylesheet
text/css 151.101.1.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
Requested by: Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.167 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 888
date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
via: 1.1 varnish
age: 759066
x-cache: HIT
content-length: 33983
x-served-by: cache-fra-etou8220058-FRA
x-timer: S1720802118.074579,VS0,VE0
etag: "62b9d075-84bf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Thu, 03 Jul 2025 21:44:11 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
886 B 161ms
128ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 283375ee-8e7d-4154-8f3f-e5578a0b95a7
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 283375ee-8e7d-4154-8f3f-e5578a0b95a7
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-fr5m6
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a2272164a5cb7f8-AMS

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 13 KB
3 KB 24ms
24ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JiPvkoWr8q46ry2my9HtEQ==
age: 1659
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:05 GMT
server: cloudflare
etag: 0x8DB211B3B953477
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: de2fc6bb-101e-008a-0372-796232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a2272164f789fa8-AMS

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/v2/ 63 KB
12 KB 35ms
35ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: L46Lh0RO9Nev4QxmjN/1xA==
age: 1659
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12592
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:07 GMT
server: cloudflare
etag: 0x8DB211B3CF8FFC7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 05c3db99-f01e-0014-3359-7971ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a2272164f7b9fa8-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 21 KB
4 KB 33ms
33ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 1659
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6603fb0f-601e-0064-2d0f-7cc81b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8a2272164f7d9fa8-AMS

GET
H2 200 index.svg
508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Norcal_Mutual_Images/ 219 B
597 B 59ms
59ms Image
image/svg+xml 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://508142.fs1.hubspotusercontent-na1.net/hubfs/508142/Norcal_Mutual_Images/index.svg
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/hs-fs/hub/508142/hub_generated/template_assets/6321259971/1681305992871/Coded_files/Custom/page/NORCAL_Group_X_CSS/NGX-Style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-3224034459,P-508142,FLS-ALL
x-amz-version-id: wltAK14qpzpIzcFb3rKuvyfEd_px_xB3
age: 6315
x-amz-cf-pop: AMS1-C1
x-amz-request-id: A5DEA7Q1JX96EWE6
edge-cache-tag: F-3224034459,P-508142,FLS-ALL
cache-tag: F-3224034459,P-508142,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: 3X0zWUEDmmTV3qybLMD9pwOoh4/AvL4QgIoaDmS9QGxe8b19FSKvmm7ZT+jG6faeDt1f3vX0h1A4P5J2Y2KN5Q==
last-modified: Fri, 06 Oct 2017 02:59:16 GMT
server: cloudflare
etag: W/"fa27dbb8ab556391b99738cfe6d5f5ab"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8a2272165b2765ff-AMS
timing-allow-origin: 508142.fs1.hubspotusercontent-na1.net
x-amz-cf-id: q2eGS2V6BZpAJFuSJXPVfFVNQWmlItNXc7bf6OgHDOqNCu7tmsjhMA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
851 B 127ms
127ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e3e5ab68-dba7-41ba-8628-b073728fb113
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e3e5ab68-dba7-41ba-8628-b073728fb113
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a2272165a6db7f8-AMS

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
488 B 49ms
46ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 11 Jul 2024 19:23:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: eef8b9e5-201e-005f-3d5c-d46174000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8a227216bffd9fa8-AMS

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 33ms
32ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 3269
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Thu, 11 Jul 2024 19:23:50 GMT
server: cloudflare
etag: 0x8DCA1DEFE7676CA
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8ae09788-801e-0052-16fb-d38e78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a227216cf550bb3-AMS

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 76562
x-ms-lease-status: unlocked
last-modified: Wed, 10 Jul 2024 06:35:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c83dbce4-b01e-00d9-62fc-d235a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8a227216cf570bb3-AMS

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 587ms
149ms Image
image/gif 169.48.219.66
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=7r9-1ABxrfR_XxViXFyC&url=https%3A%2F%2Fwww.norcal-group.com%2F
Requested by: Host: www.norcal-group.com
URL: https://www.norcal-group.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.48.219.66 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 42.db.30a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 12 Jul 2024 16:35:18 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Expires: Fri, 12 Jul 2024 16:35:17 GMT

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 136ms
136ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=508142&currentUrl=https%3A%2F%2Fwww.norcal-group.com%2F&contentId=3219156009

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e1040dc-5a43-4cf6-95fc-70fc80a30dad
content-encoding: br
x-envoy-upstream-service-time: 14
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e1040dc-5a43-4cf6-95fc-70fc80a30dad
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.norcal-group.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtjDxEECMzNg%2BkadNm8BOv%2BaH%2Bc0IxC56lsRjHCDMEXRZSyjhcC9EUedCJenu9dZoO%2F3FCMVg1VWafLH5duRpHXOPDcVnOYJORwTSAOe0pCPZSLFFUKOxSHwEH%2BlZtW8X7%2B6pGYLuStZP3TqBhYaVYi7oKBV0bFPZhg%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a227216f9981c99-AMS
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-k2t78

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
581 B 160ms
159ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bc76703d-1ac3-4423-8cf4-eabfbeab3009
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bc76703d-1ac3-4423-8cf4-eabfbeab3009
last-modified: Fri, 12 Jul 2024 16:35:18 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-k2t78
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a227217cc98b7f8-AMS

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 5 B
148 B 59ms
29ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/508142/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 8a2272183e989710-AMS
content-length: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 15:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jul 2024 17:41:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1657734563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.norcal-group.com%2F&ul=de-de&de=UTF-8&dt=NORCAL%20Group%20-%20Medical%20Professional%20Liability%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2036851223&gjid=186457633&cid=603810023.1720802119&tid=UA-82806108-1&_gid=322834414.1720802119&_r=1&_slc=1&z=1415808779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0fec905a7c1cb86675bcfb39dc2c567edd54392773ca1d754cd3fb165d3b5c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 16:35:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norcal-group.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
97 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2FBXJGXT0M&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9170d70833956e85831eaf5627ce683047db72b20dd2d9a0382da93d2702e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 16:35:18 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 102ms
27ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2FBXJGXT0M&gtm=45je4790v9127164790za200&_p=1720802118540&_gaz=1&gcd=13l3lPl2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=603810023.1720802119&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.norcal-group.com%2F&dt=NORCAL%20Group%20-%20Medical%20Professional%20Liability%20Insurance&sid=1720802118&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1996&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FBXJGXT0M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 16:35:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norcal-group.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 93ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-2FBXJGXT0M&cid=603810023.1720802119&gtm=45je4790v9127164790za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l2&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FBXJGXT0M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 16:35:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norcal-group.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 88ms
32ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-2FBXJGXT0M&cid=603810023.1720802119&gtm=45je4790v9127164790za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l2&npa=0&frm=0&z=944728456

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 16:35:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
5 KB 623ms
561ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6s32qPgp6GMgQ73&t=1720802118802

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee97961b55c09dfaf1e1cd5f19f56d385c09aea6eeccddbc6a4a7cfc48b3bbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"268f-Ftmr75tuhpsV+l/2TsJGO4b5RdU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8a22721ae8879113-FRA

GET
H2 200 / Show response
zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
4 KB 636ms
574ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6s32qPgp6GMgQ73&Q_VERSION=0&t=1720802118802

Requested by

Host: www.norcal-group.com
URL: https://www.norcal-group.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee97961b55c09dfaf1e1cd5f19f56d385c09aea6eeccddbc6a4a7cfc48b3bbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"268f-Ftmr75tuhpsV+l/2TsJGO4b5RdU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8a22721ae8849113-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
446 B 142ms
139ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=508142&pi=3219156009&ct=standard-page&ccu=https%3A%2F%2Fwww.norcal-group.com&cpi=3219156009&lpi=3219156009&lvi=3219156009&lvc=en-us&pu=https%3A%2F%2Fwww.norcal-group.com%2F&t=NORCAL+Group+-+Medical+Professional+Liability+Insurance&cts=1720802118808&vi=583b70e5c71c53adad76b017e762e30a&nc=true&u=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&b=227165570.1.1720802118803&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1a974163-553b-4570-80b4-38f2f97d4fac
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1a974163-553b-4570-80b4-38f2f97d4fac
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiUpLpqH%2BtA5Ycmg5%2F%2B90wIwuHE%2BCer0Z%2Fpey%2FY%2F7KVrvfuASmqaLfOT6JPy45Df3jwp1XnZ8P87Rmm83qrfSYnMbKmGfODzh7ve%2BALg8JC8d4cN1SX0baspY0zBalX%2FlVtSBx45U9z7J%2FBYBmpP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-rt7tr
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a22721a9f03b98c-AMS
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
586 B 133ms
133ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=50f69899-f5c4-494a-a36c-853abf4b471a&fci=66e16552-504f-45fd-9d59-5e0807d29f44&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=508142&pi=3219156009&ct=standard-page&ccu=https%3A%2F%2Fwww.norcal-group.com&cpi=3219156009&lpi=3219156009&lvi=3219156009&lvc=en-us&pu=https%3A%2F%2Fwww.norcal-group.com%2F&t=NORCAL+Group+-+Medical+Professional+Liability+Insurance&cts=1720802118809&vi=583b70e5c71c53adad76b017e762e30a&nc=true&u=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&b=227165570.1.1720802118803&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 82166e14-e4f5-45a5-826b-2afeb627d659
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 82166e14-e4f5-45a5-826b-2afeb627d659
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvQECqAzk3Drm3YkK1HPJpUoIBwbcJNyMxRvjWzR05A5yKEHIYP271vl04PZHsf7CVMG31iSBkD786fG8cfgNKKUYEF9JM97%2FUQHo9D6bTPJIyrP5mF8JTSzniYifJ3zMFslzx0qUUbAx5ik1Bvt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-2vxt5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a22721a9f07b98c-AMS
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
477 B 156ms
156ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=50f69899-f5c4-494a-a36c-853abf4b471a&fci=66e16552-504f-45fd-9d59-5e0807d29f44&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=508142&pi=3219156009&ct=standard-page&ccu=https%3A%2F%2Fwww.norcal-group.com&cpi=3219156009&lpi=3219156009&lvi=3219156009&lvc=en-us&pu=https%3A%2F%2Fwww.norcal-group.com%2F&t=NORCAL+Group+-+Medical+Professional+Liability+Insurance&cts=1720802118809&vi=583b70e5c71c53adad76b017e762e30a&nc=true&u=227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1&b=227165570.1.1720802118803&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1fdb1c5f-026f-4708-a110-03eee798bfd5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1fdb1c5f-026f-4708-a110-03eee798bfd5
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0luMrLRf0iMt8yWCjXcVbpW6xZt9%2FxByToPpURKvhJLKmc8uwjqgpGL23%2Bls671kTuQN4Z7ln53KVQZzBwvMdVzGyQcTXlixmILCHuJRIGpYTC8ex60r4QBhaAy281LpkWix9toio0EoPzbiwWo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-vtjjp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a22721a9f09b98c-AMS
x-robots-tag: none

GET
H3 200 favicon.ico
www.norcal-group.com/hubfs/Norcalmutual/ 1 KB
1 KB 876ms
875ms Other
image/vnd.microsoft.icon 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norcal-group.com/hubfs/Norcalmutual/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

86fd687ca68f9a0462e72f681166754675ce460649a414ad6a2205bccda852ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
content-encoding: br
via: 1.1 8e4700eb43d0f5579f360cfc02e71fac.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-2709104538,P-508142,FLS-ALL
strict-transport-security: max-age=31536000
age: 26574
x-amz-cf-pop: AMS1-C1
content-security-policy: upgrade-insecure-requests
edge-cache-tag: F-2709104538,P-508142,FLS-ALL
cache-tag: F-2709104538,P-508142,FLS-ALL
x-amz-version-id: eKG9y5nTnVaqpKHBBlene.JM6drL06VQ
x-amz-request-id: WYA7WVZAJKS858VZ
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iq4l9kLtxuv/+/Uwu/4LJa7oUaSk8hVWmrULUW+Qrya3n8EhNLi3B2BW2SR7iroH/zTHJlgSnbn1PEdbxi/R8elNd6bmkOXKF9acRpShqMA=
last-modified: Fri, 06 Oct 2017 02:58:58 GMT
server: cloudflare
etag: W/"50b2826c03e92af7f09aa805bfff51d7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ikO7aQGBQ%2FdfOw0YmiMzZsXHgnTtfzJL5%2FRBX7JmGmfZ6bYD6OC2I2ANZDfkJIshN9PRTnREAq8obiyYNMGU8LW1xlXHxqlypdG2QabbOFwzhiJZn%2BvncJjB1uRfRJc%2Bl5VtujupFBMG4TC402BgdUxh"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8a22721abec966e4-AMS
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZQ4jNRBVhjog1kqnMxA87dAHWh_AGbHu-XyNqnHGR4JPe3UZtwfODg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 12.f83656fbc6c9f02061b2.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 74 KB
21 KB 32ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.f83656fbc6c9f02061b2.chunk.js?Q_CLIENTVERSION=2.10.0&Q_CLIENTTYPE=web&Q_BRANDID=www.norcal-group.com

Requested by

Host: zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com
URL: https://zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6s32qPgp6GMgQ73&t=1720802118802

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369a904e6a2a6cb6fef3e935c723dead810c01aa74ff7771983a06e5f3cf8f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 232058
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 18:09:29 GMT
server: cloudflare
etag: W/"12863-1906f7ccfa8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8a22721e8d779113-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 57 B
134 B 122ms
121ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6s32qPgp6GMgQ73&Q_CLIENTVERSION=2.10.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f83656fbc6c9f02061b2.chunk.js?Q_CLIENTVERSION=2.10.0&Q_CLIENTTYPE=web&Q_BRANDID=www.norcal-group.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.norcal-group.com
cache-control: must-revalidate, max-age=300
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: f7abbd109be3431f
timing-allow-origin: *
cf-ray: 8a22721ebdc59113-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 57 B
241 B 112ms
110ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6s32qPgp6GMgQ73&Version=0&Q_CLIENTVERSION=2.10.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f83656fbc6c9f02061b2.chunk.js?Q_CLIENTVERSION=2.10.0&Q_CLIENTTYPE=web&Q_BRANDID=www.norcal-group.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norcal-group.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jul 2024 16:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.norcal-group.com
cache-control: must-revalidate, max-age=300
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 4c5a480699154dcc
timing-allow-origin: *
cf-ray: 8a22721ebdc79113-FRA

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.norcalmutual.com/	1970-01-20 22:00:03	Name: __cf_bm Value: l2zzH1gHNBqtfpgDCgEEc76ihV.beMrdg0RVpFiTe2Y-1720802117-1.0.1.1-OqMjBBcLFJ85CQdS7lH5xd1XLU_YgcBO8mCzS48CPA06cpACu.6Qs8bN4nGJPJT72qExkbskX6lGWywkMytSAA
.www.norcalmutual.com/	1969-12-31 23:59:59	Name: __cfruid Value: 2736babd10488fa8364af505c6fd8972ec5911f0-1720802117
.www.norcal-group.com/	1970-01-20 22:00:03	Name: __cf_bm Value: h9Qaig3t5tMyH3pIdIlybaF.DpYsoSkvnteb_7uo6Xw-1720802117-1.0.1.1-68uk21I0JUmPlGJqMjY.R.9FUXIG6l356cGVvVuIzewtYP3z80b9kgRWKlg.wjONI2lKdUdXhyNPnCDAf9Y10g
.www.norcal-group.com/	1969-12-31 23:59:59	Name: __cfruid Value: 2736babd10488fa8364af505c6fd8972ec5911f0-1720802117
.norcal-group.com/	1970-01-21 06:45:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jul+12+2024+18%3A35%3A18+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202302.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.norcal-group.com%2F&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1%2CC0005%3A1
.hsforms.com/	1970-01-20 22:00:03	Name: __cf_bm Value: l8wyAit0BKVmbLq.7hr1.10nLPpdR1Za3LnBAxL2YGE-1720802118-1.0.1.1-Ow.4hVHlRLUlqOK7h_ZNn4IE5kT7E9jKv.KjUxnGu820bt9CUSX9.loHgUYEbghfEO2vRFEv4oM_ZUGdtwJ75Q
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: jwD6x40HFn3Qj9O63VfHM55IjORIGNzVsdFUTe6J37o-1720802118246-0.0.1.1-604800000
.hubspot.com/	1970-01-20 22:00:03	Name: __cf_bm Value: LV1qIjrP7U_BFW8uezZSFE49mZ08YD7LsOMYz6y2CJc-1720802118-1.0.1.1-eNU_Wt1Orcw39gsIP4cQJhUDo6es1KfzVxzZ0YWocm1k3WQriw4Vsgs3vq4FfCwalRwgGW2_OV23q5uP0tsaVA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: sY51rt1svp_cmfNPWjcbg340ZxzigdFYPLAp7oCGsMA-1720802118272-0.0.1.1-604800000
.files.norcal-group.com/	1970-01-20 22:00:03	Name: __cf_bm Value: zWXmdLqlEM_5PhRe6ZdgwWMrSpxdpdACZLFzrcmNBok-1720802118-1.0.1.1-BxNCsjT5rji55BQWI7bzJqEfoKk_NPtfihkA5l6gsW9DJ5BAxN0UPFWvIJPEVe1kPjgC4XabF0_q_ES5yZAQDQ
.files.norcal-group.com/	1969-12-31 23:59:59	Name: __cfruid Value: ace966c33d70c97d7dd8b7961886fab9282956af-1720802118
.norcal-group.com/	1970-01-21 07:36:02	Name: _ga Value: GA1.2.603810023.1720802119
.norcal-group.com/	1970-01-20 22:01:28	Name: _gid Value: GA1.2.322834414.1720802119
.norcal-group.com/	1970-01-20 22:00:02	Name: _gat Value: 1
.norcal-group.com/	1970-01-21 07:36:02	Name: _ga_2FBXJGXT0M Value: GS1.2.1720802118.1.0.1720802118.60.0.0
.norcal-group.com/	1970-01-21 02:19:14	Name: __hstc Value: 227165570.583b70e5c71c53adad76b017e762e30a.1720802118803.1720802118803.1720802118803.1
.norcal-group.com/	1970-01-21 02:19:14	Name: hubspotutk Value: 583b70e5c71c53adad76b017e762e30a
.norcal-group.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.norcal-group.com/	1970-01-20 22:00:03	Name: __hssc Value: 227165570.1.1720802118803

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.norcal-group.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

508142.fs1.hubspotusercontent-na1.net
app.hubspot.com
cc.swiftype.com
cdn.cookielaw.org
cdn2.hubspot.net
cta-service-cms2.hubspot.com
files.norcal-group.com
forms-na1.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hubspot.com
perf-na1.hsforms.com
region1.analytics.google.com
s.swiftypecdn.com
siteintercept.qualtrics.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.norcal-group.com
www.norcalmutual.com
zn6s32qpgp6gmgq73-norcalmutualinsuranc.siteintercept.qualtrics.com
104.17.208.240
151.101.1.167
169.48.219.66
2001:4860:4802:32::36
2606:2c40::c73c:671c
2606:2c40::c73c:67e4
2606:4700:4400::6812:297c
2606:4700:4400::ac40:991b
2606:4700::6810:7574
2606:4700::6810:a0a8
2606:4700::6811:ae5b
2606:4700::6812:5a3e
2606:4700::6813:afbc
2606:4700::6813:b234
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:400c:c00::9d
082fd9e509f609d3be9fab0a6161ab4c94341147ab2d1e42d9aaca2d67954e04
0fec905a7c1cb86675bcfb39dc2c567edd54392773ca1d754cd3fb165d3b5c7e
1001a9bc1080018e46359b73ed1fcdfdd0cfd966eacc63b1b4a4b1bfcd81f104
178f8b05706c1bd47a1ba31264194f9a86c2324d7f3f387eb76d25407cab5b13
191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9
1ae736ab49ff32551f986c1f3d5fd240f44a9f0e9544ec7689842667008245b0
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2009330b44a7e80724b1358435dbc6ccbb854a5c80a5d3f5b18607bdcae14245
223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310
225f82a539996f3920a59e1f7788465df90e61ebd5178aa7119465892d31d4f5
2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241
2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22
2e9469b5b39e9db3ab9f5212925dff57bbbe70e9b43672a3037ae98980098069
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149
356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1
369a904e6a2a6cb6fef3e935c723dead810c01aa74ff7771983a06e5f3cf8f39
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4
39de22a33f719a8157f2d84d05dd987510d132cf4ddd22811f88de3d35429112
44edc35a3ba2b387c2963170e7ba17c4f17c87eb1af9d70578360b7beadee2f1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61402f3da6c023f462dd4c9c3f7676cb4e56fcbee4e875fdfd339dc3111b0d8a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ce3a3bb40fd10649c6d6d7eca68d794ba9b596a6a53609d53148f55eab6c124
791b7515bd123a34f25953abc2ec1b8e6a926458e2083330ed90c27c12983289
7a9f8df54ad46eef8767334e4241b2811c8ca41efec4a98b4aa4860d7464aa8d
7ed8e0a5345276065984682a99fbec4b23aec5de541446a1133633e4fdb52eea
801cba7466df0e6bf3e389d72214892f10888bd353f7ba17d05b692d703c7d07
86fd687ca68f9a0462e72f681166754675ce460649a414ad6a2205bccda852ee
89c693870343ee93d3aae787fcd36f0d0fb119e0a281908856a933f9cfadc423
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9ec59a61ed4a3dd0906ce19c96e432f5bec8cf1403dbda5ad3590a415f78a08b
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
ac8b8cb05883e7c128c484dcb07666418952ed647847fdace2e8e9a22dc2f2ea
b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071
b8f826282f1a8d40c54d44c67de9cf264b9de0186e435f11b471c3e95fbb4c21
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9e0b99baccbc816cf65dffbb183c84906b949f9dc1bd3f876fb87e0f76d1173
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f
e73156fe6c2d94ced522b83087e4ab586a255979bc4f74b230f3df13fa92ea96
e9170d70833956e85831eaf5627ce683047db72b20dd2d9a0382da93d2702e7b
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
ee97961b55c09dfaf1e1cd5f19f56d385c09aea6eeccddbc6a4a7cfc48b3bbd9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f093f201dbf00e09264e40b0440246f78e99735d2e2615a1734365a4e5dd4ba8
f1b9262e72023835f25c64460a568d1ce8e7f92d75c0cceb9b031af3205604dd
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

www.norcal-group.com Open in urlscan Pro 2606:2c40::c73c:67e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

83 %IPv6

18 Domains

24 Subdomains

18 IPs

4 Countries

1517 kBTransfer

3634 kBSize

19 Cookies

5 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.norcal-group.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

83 %
IPv6

18
Domains

24
Subdomains

18
IPs

4
Countries

1517 kB
Transfer

3634 kB
Size

19
Cookies

60 HTTP transactions
4 data transactions