urlscan.io logo urlscan.io
SecurityTrails logo

hub.nerodesign.work Open in urlscan Pro
172.66.44.227  Public Scan

Go To Rescan Add Verdict Report
URL: https://hub.nerodesign.work/
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 172.66.44.227, located in United States and belongs to CLOUDFLARENET, US. The main domain is hub.nerodesign.work.
TLS certificate: Issued by E6 on June 24th 2024. Valid for: 3 months.
This is the only time hub.nerodesign.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.66.44.227 13335 (CLOUDFLAR...)
3 2606:4700:310... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:50c0:800... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 35.241.40.10 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.64.148.154 13335 (CLOUDFLAR...)
1 104.18.2.36 13335 (CLOUDFLAR...)
21 10
1    172.66.44.227 (United States)

ASN13335 (CLOUDFLARENET, US)
hub.nerodesign.work
3    2606:4700:310c::ac42:2fc1 (United States)

ASN13335 (CLOUDFLARENET, US)
templates.bullet.so
3    2606:4700:20::681a:978 (United States)

ASN13335 (CLOUDFLARENET, US)
log.bullet.so
2    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
sites.super.so
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:600::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
2    35.241.40.10 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 10.40.241.35.bc.googleusercontent.com
app.crikle.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.64.148.154 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
www.notion.so
1    104.18.2.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
Apex Domain
Subdomains		 Transfer
6 bullet.so
templates.bullet.so
log.bullet.so
48 KB
3 notion.so
www.notion.so — Cisco Umbrella Rank: 7501
60 KB
3 gstatic.com
fonts.gstatic.com
109 KB
2 crikle.com
app.crikle.com
235 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
2 super.so
sites.super.so
5 KB
1 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 17204
617 B
1 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 14757
2 MB
1 nerodesign.work
hub.nerodesign.work
46 KB
21 9
Domain Requested by
3 www.notion.so hub.nerodesign.work
3 fonts.gstatic.com fonts.googleapis.com
3 log.bullet.so hub.nerodesign.work
log.bullet.so
3 templates.bullet.so hub.nerodesign.work
2 app.crikle.com hub.nerodesign.work
app.crikle.com
2 fonts.googleapis.com hub.nerodesign.work
2 sites.super.so hub.nerodesign.work
1 imagedelivery.net
1 images.unsplash.com hub.nerodesign.work
1 hub.nerodesign.work
21 10

This site contains links to these domains. Also see Links.

Domain
notes.nero.support
www.istockphoto.com
Subject Issuer Validity Valid
hub.nerodesign.work
E6		 2024-06-24 -
2024-09-22		 3 months crt.sh
templates.bullet.so
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
bullet.so
GTS CA 1P5		 2024-05-07 -
2024-08-05		 3 months crt.sh
sites.super.so
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
images.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh
app.crikle.com
GTS CA 1D4		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
notion.so
E5		 2024-06-14 -
2024-09-12		 3 months crt.sh
imagedelivery.net
E5		 2024-06-24 -
2024-09-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hub.nerodesign.work/
Frame ID: 3BBDBC7236A601992A713543A6A4CAA2
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Knowledge HUB

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

2412 kB
Transfer

4188 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hub.nerodesign.work/ 		1 MB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hub.nerodesign.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2d0a7ae8ab9710c08f1c421ca9ca113fbdd3a99d584b85cf74406090c29444
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: wss:; manifest-src 'self'; img-src https: data: 'self'; style-src https: 'unsafe-inline'; script-src 'unsafe-inline' https:; frame-ancestors http://localhost:3000/ https://app.bullet.so/ 'self'; object-src 'none'; worker-src https: blob: data: 'self'; base-uri 'self'
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
898dfd5d0a6834e0-WAW
content-encoding
br
content-security-policy
default-src 'self' https: wss:; manifest-src 'self'; img-src https: data: 'self'; style-src https: 'unsafe-inline'; script-src 'unsafe-inline' https:; frame-ancestors http://localhost:3000/ https://app.bullet.so/ 'self'; object-src 'none'; worker-src https: blob: data: 'self'; base-uri 'self'
content-type
text/html; charset=utf-8
date
Mon, 24 Jun 2024 16:10:44 GMT
etag
W/"681bb960f57ffcbf635083522cdc4432"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=(self)
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNqP%2BnJx%2BeNI8zvfH4oPk7zzTh2JrYsxES1ypa82M77VdiqS7A9gFqIlyNmUeVZllUqa526GsjKDdW6ATbUB8LuWBoy3PiVm%2B2Jsyfu%2B0604GKsAFtT1PFIEg%2BMWItxA2mGAd9nz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
main.min.css
templates.bullet.so/assets/css/ 		88 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://templates.bullet.so/assets/css/main.min.css
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d636243d32f71ac541bb1712f91c17a700c4238095f2e1fb482582285ffacbdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8ba37dd0c9d0104f971c9b5b85c6b64c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nyx3pI77%2FfiNI16%2F1jfsWQ4PiuPhKsfo9FIKBlpoIaZbzG0ZG7WtYdRsV3Je7DWRTMY9yapiQ%2B%2FdVIodCNno8PMTQ9iWlojn8NNPm9tVlNOHTpr2fOJuuN%2B%2Bf9JJ%2Fj1sUmRer4nASLMH2XtvXaoKs1Ce"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
898dfd5f7d692c7e-FRA
alt-svc
h3=":443"; ma=86400
umami.js
log.bullet.so/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://log.bullet.so/umami.js
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2670
x-dns-prefetch-control
on
content-disposition
inline; filename="umami.js"
cf-bgj
minify
x-vercel-id
fra1::hlrw6-1711392415162-04991bdfb6ee
server
cloudflare
x-matched-path
/umami.js
etag
W/"4a8cf5aca27749e6ceb01cd962bff381"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4tQfa%2BHGDYxw112rQ2wwGLkHOzU3Z%2BBRdpEoZ9w%2FD6CgIr%2B1sOK6EDWRhKuKfCKb%2BblmTODgrlyKhXAQs7PeRrMZOz0Xfol%2FLN22PwwScMWMtumoTAS7nD9a3v9ggLMmPr4e9uTbI7DBlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
vary
Accept-Encoding
cf-ray
898dfd5f7f079a12-FRA
style.css
sites.super.so/aether/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sites.super.so/aether/style.css
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b3a1383ec69831a05a5b79a2af8bdc2c849d6d6bcf2a4f29404c43a282b9d237

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
13393f7eb6da0710e31ba196a09216b96a7c7043
date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
4602
x-served-by
cache-mxp6974-MXP
last-modified
Mon, 10 Jun 2024 10:30:03 GMT
server
GitHub.com
x-github-request-id
BB38:1F8001:46F9B3A:48569B1:6678CEB8
x-timer
S1719245445.076144,VS0,VE109
etag
W/"6666d5ab-76c5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Mon, 24 Jun 2024 01:51:12 GMT
script.js
sites.super.so/aether/ 		754 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sites.super.so/aether/script.js
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8836c8a6dea485317c5c16198d72a7bec0d1ca2a4cffa9ee4e596522dfb4f92e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
4973800c58aae66062cd224116db1ae6f15e5212
date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
399
x-served-by
cache-mxp6974-MXP
last-modified
Mon, 10 Jun 2024 10:30:03 GMT
server
GitHub.com
x-github-request-id
28CD:3DE7FB:2DEDE7C:2EE9B1F:66791BA0
x-timer
S1719245445.076111,VS0,VE101
etag
W/"6666d5ab-2f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Mon, 24 Jun 2024 07:19:20 GMT
css2
fonts.googleapis.com/ 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Almarai:wght@100&family=Almarai:wght@200&family=Almarai:wght@300&family=Almarai:wght@400&family=Almarai:wght@500&family=Almarai:wght@600&family=Almarai:wght@700&family=Almarai:wght@800&family=Almarai:wght@900&display=swap
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
873c4bac379edcbcfaa8c45799606ad9ded0c5746fa9bd0f0e4f02b38d92e995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 16:10:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jun 2024 16:10:45 GMT
css2
fonts.googleapis.com/ 		808 B
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Staatliches:wght@100&family=Staatliches:wght@200&family=Staatliches:wght@300&family=Staatliches:wght@400&family=Staatliches:wght@500&family=Staatliches:wght@600&family=Staatliches:wght@700&family=Staatliches:wght@800&family=Staatliches:wght@900&display=swap
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2976039b63eeff0cc5d81f40e51e505eabfa0ac821162478934598ea8c7f9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 16:10:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jun 2024 16:10:45 GMT
search.bundle.min.js
templates.bullet.so/assets/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://templates.bullet.so/assets/js/search.bundle.min.js
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b6e4029fc465060574ba022f53500f9f65ac02ea48515a78fd30a4407611b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"544b97bdb508f1b197ba578379b57732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOm05qp8RV7LF07JkBbjA4s%2Fv5zW25QURtlIDFLhQjReVpz2G69T0GzHG09TQFCFkK%2B1yLHZ2ODBXEYw3C6wH66q6mhqmLrPN8M1tI2hnH5oYww0hbV06ljR12OwXoMbSeDDTlNz9dzcdaBXBWtQXsSc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
898dfd5f8d6e2c7e-FRA
alt-svc
h3=":443"; ma=86400
photo-1567360425618-1594206637d2
images.unsplash.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1567360425618-1594206637d2?ixlib=rb-4.0.3&q=85&fm=jpg&crop=entropy&cs=srgb
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
49e37ebde939be409fbe408c13a93bb25cc3521686705155c56348fb2399693f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:12:02 GMT
server
imgix
age
518323
x-cache
HIT, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
34787d9f228192b6a0eca2ede4a27a90ff56c602
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1950376
x-served-by
cache-sjc10025-SJC, cache-fra-etou8220035-FRA, cache-mxp6935-MXP
a62c4c4f-c4c4-4773-ab70-1c87a1857f9b.js
app.crikle.com/scripts/convert/ 		752 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.crikle.com/scripts/convert/a62c4c4f-c4c4-4773-ab70-1c87a1857f9b.js
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.10 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.40.241.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash
1d443fff84cf759675edb26bb1d2f6dc2c4d7217a89a36ddaad17dbef60ec595
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx/1.27.0
via
1.1 google
etag
W/"2f0-yeAsLtfNOdSPzylQNmqCiDrnQo0"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/javascript; charset=utf-8
content-language
de-DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
site.bundle.min.js
templates.bullet.so/assets/js/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://templates.bullet.so/assets/js/site.bundle.min.js
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d0c36aa217449aa802cdcb3eec592d6fc0cd00551b88130d3eff1e291449ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"af3ca2c810812d53f8ed900820e1ceaa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGZJEWvdNnXCin7nZyXxSf%2FnoK0BKXNqYhwuuDZNPv13%2BbxETtZPmCtRH1hEssfi2DKsJi0jSoV6e48Ep2wJo%2F9uA6pdkVvmlE7d3swUVSdG0C2LOkTc9L7YbCVnrsGeDynw1Se22IyfdlwLWe7PPlqn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
898dfd5f8d6f2c7e-FRA
alt-svc
h3=":443"; ma=86400
HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/staatliches/v13/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Staatliches:wght@100&family=Staatliches:wght@200&family=Staatliches:wght@300&family=Staatliches:wght@400&family=Staatliches:wght@500&family=Staatliches:wght@600&family=Staatliches:wght@700&family=Staatliches:wght@800&family=Staatliches:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f3a39acb9679b8f61f939937dc06653138678825653eb9e954cc084160fd4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hub.nerodesign.work
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:46 GMT
x-content-type-options
nosniff
age
523019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16200
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:46 GMT
tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v12/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@100&family=Almarai:wght@200&family=Almarai:wght@300&family=Almarai:wght@400&family=Almarai:wght@500&family=Almarai:wght@600&family=Almarai:wght@700&family=Almarai:wght@800&family=Almarai:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hub.nerodesign.work
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:57:17 GMT
x-content-type-options
nosniff
age
522808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48004
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:57:17 GMT
tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@100&family=Almarai:wght@200&family=Almarai:wght@300&family=Almarai:wght@400&family=Almarai:wght@500&family=Almarai:wght@600&family=Almarai:wght@700&family=Almarai:wght@800&family=Almarai:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hub.nerodesign.work
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:55:17 GMT
x-content-type-options
nosniff
age
522928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46804
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:10:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:55:17 GMT
star_blue.svg
www.notion.so/icons/ 		273 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notion.so/icons/star_blue.svg?mode=light
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.154 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28b5e29921b9e0509250d0605bea38c78832148d77b6db67211380d37c1ae1e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://cdn.amplitude.com https://api.amplitude.com https://dev-embed.notion.co https://embed.notion.co https://static.zdassets.com https://api.smooch.io https://solve-widget.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com https://static.profitwell.com https://js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com https://accounts.google.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://cdn01.boxcdn.net https://cdn.sprig.com https://assets.customer.io https://code.gist.build https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com;connect-src 'self' data: blob: https://cdn.amplitude.com https://api.amplitude.com https://www.notion.so https://api.embed.ly https://dev-embed.notion.co https://embed.notion.co https://ekr.zdassets.com https://ekr.zendesk.com https://makenotion.zendesk.com https://api.smooch.io wss://api.smooch.io https://api.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://api.giphy.com/ https://giphy-analytics.giphy.com/ https://media0.giphy.com/ https://media1.giphy.com/ https://media2.giphy.com/ https://media3.giphy.com/ https://media4.giphy.com/ https://media5.giphy.com/ https://media6.giphy.com/ https://media7.giphy.com/ https://media8.giphy.com/ https://media9.giphy.com/ https://media10.giphy.com/ https://boards-api.greenhouse.io https://accounts.google.com https://oauth2.googleapis.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://analytics.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://telemetry.transcend.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com https://statsigapi.net https://exp.notion.so https://api.box.com https://*.mux.com https://api.sprig.com https://storage.googleapis.com https://cdn.sprig.com https://cdn.userleap.com https://track.customer.io https://*.api.gist.build https://*.cloud.gist.build https://api.palette.dev wss://msgstore.www.notion.so https://msgstore.www.notion.so https://audioprocessor.www.notion.so wss://audioprocessor.www.notion.so ws://localhost:* ws://127.0.0.1:* https://prod-files-secure.s3.us-west-2.amazonaws.com https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://file.notion.so notion://file.notion.so;font-src 'self' data: https://cdnjs.cloudflare.com https://cdn01.boxcdn.net;img-src 'self' data: blob: https: https://images.ctfassets.net https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.mux.com https://track.customer.io https://file.notion.so notion://file.notion.so;style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com https://accounts.google.com https://transcend-cdn.com https://cdn01.boxcdn.net https://code.gist.build;frame-ancestors 'self';worker-src 'self' blob:;child-src 'self' blob:;media-src blob: https: http: https://*.mux.com https://file.notion.so notion://file.notion.so;frame-src https: http: https://accounts.google.com https://renderer.gist.build https://code.gist.build https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://cdn.amplitude.com https://api.amplitude.com https://dev-embed.notion.co https://embed.notion.co https://static.zdassets.com https://api.smooch.io https://solve-widget.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com https://static.profitwell.com https://js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com https://accounts.google.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://cdn01.boxcdn.net https://cdn.sprig.com https://assets.customer.io https://code.gist.build https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com;connect-src 'self' data: blob: https://cdn.amplitude.com https://api.amplitude.com https://www.notion.so https://api.embed.ly https://dev-embed.notion.co https://embed.notion.co https://ekr.zdassets.com https://ekr.zendesk.com https://makenotion.zendesk.com https://api.smooch.io wss://api.smooch.io https://api.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://api.giphy.com/ https://giphy-analytics.giphy.com/ https://media0.giphy.com/ https://media1.giphy.com/ https://media2.giphy.com/ https://media3.giphy.com/ https://media4.giphy.com/ https://media5.giphy.com/ https://media6.giphy.com/ https://media7.giphy.com/ https://media8.giphy.com/ https://media9.giphy.com/ https://media10.giphy.com/ https://boards-api.greenhouse.io https://accounts.google.com https://oauth2.googleapis.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://analytics.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://telemetry.transcend.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com https://statsigapi.net https://exp.notion.so https://api.box.com https://*.mux.com https://api.sprig.com https://storage.googleapis.com https://cdn.sprig.com https://cdn.userleap.com https://track.customer.io https://*.api.gist.build https://*.cloud.gist.build https://api.palette.dev wss://msgstore.www.notion.so https://msgstore.www.notion.so https://audioprocessor.www.notion.so wss://audioprocessor.www.notion.so ws://localhost:* ws://127.0.0.1:* https://prod-files-secure.s3.us-west-2.amazonaws.com https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://file.notion.so notion://file.notion.so;font-src 'self' data: https://cdnjs.cloudflare.com https://cdn01.boxcdn.net;img-src 'self' data: blob: https: https://images.ctfassets.net https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.mux.com https://track.customer.io https://file.notion.so notion://file.notion.so;style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com https://accounts.google.com https://transcend-cdn.com https://cdn01.boxcdn.net https://code.gist.build;frame-ancestors 'self';worker-src 'self' blob:;child-src 'self' blob:;media-src blob: https: http: https://*.mux.com https://file.notion.so notion://file.notion.so;frame-src https: http: https://accounts.google.com https://renderer.gist.build https://code.gist.build https://challenges.cloudflare.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
5698
document-policy
js-profiling
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-notion-request-id
a2b0724d-6089-44eb-a67d-fbd7d9bac4ed
server
cloudflare
etag
W/"111-HBGl4aZ4v1PJN/Cuz4y55E9rmG0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
898dfd618f5ebf19-WAW
lock_lightgray.svg
www.notion.so/icons/ 		225 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notion.so/icons/lock_lightgray.svg?mode=light
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.154 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279aafb906e868e5d140013feb9f51f321284a5240cc3b461f1557361b6324b6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://cdn.amplitude.com https://api.amplitude.com https://dev-embed.notion.co https://embed.notion.co https://static.zdassets.com https://api.smooch.io https://solve-widget.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com https://static.profitwell.com https://js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com https://accounts.google.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://cdn01.boxcdn.net https://cdn.sprig.com https://assets.customer.io https://code.gist.build https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com;connect-src 'self' data: blob: https://cdn.amplitude.com https://api.amplitude.com https://www.notion.so https://api.embed.ly https://dev-embed.notion.co https://embed.notion.co https://ekr.zdassets.com https://ekr.zendesk.com https://makenotion.zendesk.com https://api.smooch.io wss://api.smooch.io https://api.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://api.giphy.com/ https://giphy-analytics.giphy.com/ https://media0.giphy.com/ https://media1.giphy.com/ https://media2.giphy.com/ https://media3.giphy.com/ https://media4.giphy.com/ https://media5.giphy.com/ https://media6.giphy.com/ https://media7.giphy.com/ https://media8.giphy.com/ https://media9.giphy.com/ https://media10.giphy.com/ https://boards-api.greenhouse.io https://accounts.google.com https://oauth2.googleapis.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://analytics.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://telemetry.transcend.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com https://statsigapi.net https://exp.notion.so https://api.box.com https://*.mux.com https://api.sprig.com https://storage.googleapis.com https://cdn.sprig.com https://cdn.userleap.com https://track.customer.io https://*.api.gist.build https://*.cloud.gist.build https://api.palette.dev wss://msgstore.www.notion.so https://msgstore.www.notion.so https://audioprocessor.www.notion.so wss://audioprocessor.www.notion.so ws://localhost:* ws://127.0.0.1:* https://prod-files-secure.s3.us-west-2.amazonaws.com https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://file.notion.so notion://file.notion.so;font-src 'self' data: https://cdnjs.cloudflare.com https://cdn01.boxcdn.net;img-src 'self' data: blob: https: https://images.ctfassets.net https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.mux.com https://track.customer.io https://file.notion.so notion://file.notion.so;style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com https://accounts.google.com https://transcend-cdn.com https://cdn01.boxcdn.net https://code.gist.build;frame-ancestors 'self';worker-src 'self' blob:;child-src 'self' blob:;media-src blob: https: http: https://*.mux.com https://file.notion.so notion://file.notion.so;frame-src https: http: https://accounts.google.com https://renderer.gist.build https://code.gist.build https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://cdn.amplitude.com https://api.amplitude.com https://dev-embed.notion.co https://embed.notion.co https://static.zdassets.com https://api.smooch.io https://solve-widget.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com https://static.profitwell.com https://js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com https://accounts.google.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://cdn01.boxcdn.net https://cdn.sprig.com https://assets.customer.io https://code.gist.build https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com;connect-src 'self' data: blob: https://cdn.amplitude.com https://api.amplitude.com https://www.notion.so https://api.embed.ly https://dev-embed.notion.co https://embed.notion.co https://ekr.zdassets.com https://ekr.zendesk.com https://makenotion.zendesk.com https://api.smooch.io wss://api.smooch.io https://api.forethought.ai https://logs-01.loggly.com https://http-inputs-notion.splunkcloud.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://api.giphy.com/ https://giphy-analytics.giphy.com/ https://media0.giphy.com/ https://media1.giphy.com/ https://media2.giphy.com/ https://media3.giphy.com/ https://media4.giphy.com/ https://media5.giphy.com/ https://media6.giphy.com/ https://media7.giphy.com/ https://media8.giphy.com/ https://media9.giphy.com/ https://media10.giphy.com/ https://boards-api.greenhouse.io https://accounts.google.com https://oauth2.googleapis.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://www.googletagmanager.com https://analytics.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://d2hrivdxn8ekm8.cloudfront.net https://d1lu3pmaz2ilpx.cloudfront.net https://dvqigh9b7wa32.cloudfront.net https://d330aiyvva2oww.cloudfront.net https://transcend-cdn.com https://telemetry.transcend.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com https://statsigapi.net https://exp.notion.so https://api.box.com https://*.mux.com https://api.sprig.com https://storage.googleapis.com https://cdn.sprig.com https://cdn.userleap.com https://track.customer.io https://*.api.gist.build https://*.cloud.gist.build https://api.palette.dev wss://msgstore.www.notion.so https://msgstore.www.notion.so https://audioprocessor.www.notion.so wss://audioprocessor.www.notion.so ws://localhost:* ws://127.0.0.1:* https://prod-files-secure.s3.us-west-2.amazonaws.com https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://file.notion.so notion://file.notion.so;font-src 'self' data: https://cdnjs.cloudflare.com https://cdn01.boxcdn.net;img-src 'self' data: blob: https: https://images.ctfassets.net https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.mux.com https://track.customer.io https://file.notion.so notion://file.notion.so;style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com https://accounts.google.com https://transcend-cdn.com https://cdn01.boxcdn.net https://code.gist.build;frame-ancestors 'self';worker-src 'self' blob:;child-src 'self' blob:;media-src blob: https: http: https://*.mux.com https://file.notion.so notion://file.notion.so;frame-src https: http: https://accounts.google.com https://renderer.gist.build https://code.gist.build https://challenges.cloudflare.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
2008
document-policy
js-profiling
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-notion-request-id
542b4dcc-bc51-4bf2-b413-b993c8c99967
server
cloudflare
etag
W/"e1-jim+djAhET1r18pmtTUsHLjfsiI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
898dfd618f63bf19-WAW
https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Faf4df89a-ba2b-4b55-9060-2b0b40c58eff%2FNero_Design223.jpg
www.notion.so/image/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Faf4df89a-ba2b-4b55-9060-2b0b40c58eff%2FNero_Design223.jpg?table=block&id=8910218a-11c6-4930-9a9f-b8485773fe3e&cache=v2
Requested by
Host: hub.nerodesign.work
URL: https://hub.nerodesign.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.154 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8120bfed413edaa8ce3817e14096cb44b433d4d634469e532725863f8b1176d3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox; form-action: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy sandbox
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-security-policy
default-src 'none'; sandbox; form-action: 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
document-policy
js-profiling
x-dns-prefetch-control
off
content-disposition
filename="Nero_Design223.jpg"
alt-svc
h3=":443"; ma=86400
cdn-cache-control
public,max-age=3600
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 08 Apr 2021 09:23:00 GMT
x-notion-request-id
fff0bef9-d3ca-4979-abb8-ab1ea84fe933
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,max-age=31536000,immutable
cf-ray
898dfd618f5cbf19-WAW
x-webkit-csp
default-src 'none'; sandbox; form-action: 'none'
x-content-security-policy
sandbox
convert-widget.js
app.crikle.com/static/js/ 		806 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.crikle.com/static/js/convert-widget.js
Requested by
Host: app.crikle.com
URL: https://app.crikle.com/scripts/convert/a62c4c4f-c4c4-4773-ab70-1c87a1857f9b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.10 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.40.241.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash
16fa479ed360b05ec737a2a280b0734df9b092996bd89bd6535cc03ba71d1c98
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 16:10:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 07 Jun 2024 14:37:37 GMT
server
nginx/1.27.0
etag
"66631b31-3a857"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239703
collect
log.bullet.so/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://log.bullet.so/api/collect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hub.nerodesign.work
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
898dfd645bb003b0-FRA
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date
Mon, 24 Jun 2024 16:10:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yv2SXUkeP%2B5UBsp0%2FmbH3DwE2MHaWf9O2FqJN7NwHlehiyhba3cS45t8jPrdjJRWKCznO8%2FRMRo%2BLybb9R0iBjy7%2F7NCO70NKE%2BrnPWJ3Aqx7%2FMMJ2i1TiSbDGvfLWua5nYK8sG%2BuBdvuBw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Access-Control-Request-Headers
x-dns-prefetch-control
on
x-frame-options
SAMEORIGIN
x-matched-path
/api/collect
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::tnckk-1719245445840-4611d6d51c53
collect
log.bullet.so/api/ 		507 B
743 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.bullet.so/api/collect
Requested by
Host: log.bullet.so
URL: https://log.bullet.so/umami.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf8d1f157f84f2fe8aba229710721ea48d688101c66cb4f45ee6b0a0971e2cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jun 2024 16:10:46 GMT
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
on
x-vercel-id
fra1::iad1::l24cb-1719245446104-cfa5d5c4638d
server
cloudflare
x-matched-path
/api/collect
etag
W/"vlul5qg6mae3"
x-vercel-cache
MISS
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQe64%2FxQ8Kl0lMmxj9S6i%2B4L3asOjCHNn%2FTXXZc4iiGE%2FOzerXCSxPgGs0dAgoEZKwEk02cYsxo4U3Kb1pDVU2RuzB8TaWqvEHiJVUx9xW%2ByIoGm7axDX%2BVq0xgFQFhKqqZLhqPQGK2Muyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
898dfd661e4603b0-FRA
public
imagedelivery.net/IEMzXmjRvW0g933AN5ejrA/wwwnotionso-icons-star_bluesvg/ 		315 B
617 B 		Other
General
Check archive.org
Download Go to
Full URL
https://imagedelivery.net/IEMzXmjRvW0g933AN5ejrA/wwwnotionso-icons-star_bluesvg/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86b7cfc7cd69d99ec19643eced48e66ba76dfe43df97bd6f8543f20515c0b58
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hub.nerodesign.work/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=981+0 c=0+0 v=2024.6.0 l=315
date
Mon, 24 Jun 2024 16:10:46 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
cf-bgj
imgq:0,h2pri
server
cloudflare
content-encoding
gzip
etag
W/"cf1j2WnNfXn4hVoPco-FPBZHQZfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=604800,stale-while-revalidate=7200
cf-ray
898dfd6448cabf60-WAW
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| umami object| Prism object| buttons object| crikle object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb

2 Cookies

Domain/Path Name / Value
.notion.so/ Name: __cf_bm
Value: UCDZvks0s9906ap5QxkfIEZ2EaxR3jixTljS8p9H1sw-1719245445-1.0.1.1-rbrAGnFr107__taBuuZc661xsqK0enZfKw_XGDEwccE7aNp8RNzyOrQDeU9DZ3i6okHDtxYdYiUG7x_81vUSow
.notion.so/ Name: _cfuvid
Value: DT3t9ps3tatIAXAozN7cBKlmeedtNAuX0Ar_QkRnDzk-1719245445706-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: wss:; manifest-src 'self'; img-src https: data: 'self'; style-src https: 'unsafe-inline'; script-src 'unsafe-inline' https:; frame-ancestors http://localhost:3000/ https://app.bullet.so/ 'self'; object-src 'none'; worker-src https: blob: data: 'self'; base-uri 'self'
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.crikle.com
fonts.googleapis.com
fonts.gstatic.com
hub.nerodesign.work
imagedelivery.net
images.unsplash.com
log.bullet.so
sites.super.so
templates.bullet.so
www.notion.so
104.18.2.36
172.64.148.154
172.66.44.227
2606:4700:20::681a:978
2606:4700:310c::ac42:2fc1
2606:50c0:8001::153
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
2a04:4e42:600::720
35.241.40.10
16fa479ed360b05ec737a2a280b0734df9b092996bd89bd6535cc03ba71d1c98
1d443fff84cf759675edb26bb1d2f6dc2c4d7217a89a36ddaad17dbef60ec595
279aafb906e868e5d140013feb9f51f321284a5240cc3b461f1557361b6324b6
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
49e37ebde939be409fbe408c13a93bb25cc3521686705155c56348fb2399693f
614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
77b6e4029fc465060574ba022f53500f9f65ac02ea48515a78fd30a4407611b1
8120bfed413edaa8ce3817e14096cb44b433d4d634469e532725863f8b1176d3
873c4bac379edcbcfaa8c45799606ad9ded0c5746fa9bd0f0e4f02b38d92e995
8836c8a6dea485317c5c16198d72a7bec0d1ca2a4cffa9ee4e596522dfb4f92e
8f3a39acb9679b8f61f939937dc06653138678825653eb9e954cc084160fd4e4
a0d0c36aa217449aa802cdcb3eec592d6fc0cd00551b88130d3eff1e291449ab
b2976039b63eeff0cc5d81f40e51e505eabfa0ac821162478934598ea8c7f9cb
b3a1383ec69831a05a5b79a2af8bdc2c849d6d6bcf2a4f29404c43a282b9d237
b86b7cfc7cd69d99ec19643eced48e66ba76dfe43df97bd6f8543f20515c0b58
bb2d0a7ae8ab9710c08f1c421ca9ca113fbdd3a99d584b85cf74406090c29444
d636243d32f71ac541bb1712f91c17a700c4238095f2e1fb482582285ffacbdf
e28b5e29921b9e0509250d0605bea38c78832148d77b6db67211380d37c1ae1e
ebf8d1f157f84f2fe8aba229710721ea48d688101c66cb4f45ee6b0a0971e2cf