urlscan.io logo urlscan.io
SecurityTrails logo

nucitrus.com Open in urlscan Pro
67.225.220.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nucitrus.com/
Effective URL: https://nucitrus.com/
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 40 HTTP transactions. The main IP is 67.225.220.136, located in United States and belongs to LIQUIDWEB, US. The main domain is nucitrus.com.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time nucitrus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    67.225.220.136 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.nucitrus.com
nucitrus.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6812:8d77 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net
static.hotjar.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700::6810:6dfe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
1    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
Apex Domain
Subdomains		 Transfer
10 nucitrus.com
nucitrus.com
110 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4845
app.hubspot.com — Cisco Umbrella Rank: 5595
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 737
script.hotjar.com — Cisco Umbrella Rank: 933
61 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
235 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4528
forms.hscollectedforms.net — Cisco Umbrella Rank: 4688
26 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7278
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
395 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941
www.google.com — Cisco Umbrella Rank: 2
315 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
274 B
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4787
25 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2216
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2206
23 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6663
154 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2505
1 KB
0 insiderdata360online.com Failed
insiderdata360online.com Failed
40 17
Domain Requested by
10 nucitrus.com nucitrus.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
nucitrus.com
3 www.googletagmanager.com nucitrus.com
www.googletagmanager.com
2 api.hubspot.com js.usemessages.com
2 www.google.de nucitrus.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 connect.facebook.net nucitrus.com
connect.facebook.net
1 app.hubspot.com js.usemessages.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 www.facebook.com nucitrus.com
1 www.google.com nucitrus.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.hotjar.com nucitrus.com
1 js.hsforms.net nucitrus.com
1 js.hs-scripts.com nucitrus.com
0 insiderdata360online.com Failed nucitrus.com
40 21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
vimeo.com
Subject Issuer Validity Valid
nucitrus.com
R3		 2024-03-31 -
2024-06-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hsforms.net
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
hscollectedforms.net
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
usemessages.com
E1		 2024-04-12 -
2024-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nucitrus.com/
Frame ID: 6EFF940299B7DC5B51D38BC4B54ECBC8
Requests: 38 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2571624/threads/utk/a343dea677a94bd188e1728e8ca32878?uuid=a5960e6575cf4b9b8d13024e9ef8a49a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=nucitrus.com&inApp53=false&messagesUtk=a343dea677a94bd188e1728e8ca32878&url=https%3A%2F%2Fnucitrus.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 4C4D45B50E4A73F5E2AB61D5D57EDBDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Website Design, SEO Marketing, Website Development, SEO Marketing, Search Engine Optimization, Mobile App Development

Page URL History Show full URLs

  1. http://nucitrus.com/ HTTP 307
    https://nucitrus.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

40
Requests

95 %
HTTPS

84 %
IPv6

17
Domains

21
Subdomains

20
IPs

3
Countries

753 kB
Transfer

2225 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nucitrus.com/ HTTP 307
    https://nucitrus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nucitrus.com/
Redirect Chain
  • http://nucitrus.com/
  • https://nucitrus.com/
45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
d168b81921b3565a183f5c3e5e93cd46966b7b644c096922328f4a9c6f5ea353

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
10568
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 06:55:33 GMT
link
<https://nucitrus.com/wp-json/>; rel="https://api.w.org/", <https://nucitrus.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://nucitrus.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding,User-Agent
x-dns-prefetch-control
on
x-litespeed-tag
27b_HTTP.200

Redirect headers

Location
https://nucitrus.com/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1000234635
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c471949359fb47be54348b3df27f06b92aa383b5f5fbc96a0ae1d40f0d7866c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79107
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Apr 2024 06:55:33 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30582324-1
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcd765b25a2eca51ef7d51bc6243544bb0324acd90807dbe714db147dead1527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72883
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Apr 2024 06:55:33 GMT
2571624.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2571624.js
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e8067d8fd0102f641f3af2c26b740662b05c214cd0a7c80ab5816792d2b56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c14d7428-8440-475c-acee-78cf65e2aa93
x-envoy-upstream-service-time
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c14d7428-8440-475c-acee-78cf65e2aa93
last-modified
Thu, 18 Apr 2024 03:25:09 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://nucitrus.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-qg74c
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8762bffb5cc2bc04-FRA
expires
Thu, 18 Apr 2024 06:57:03 GMT
shell.js
js.hsforms.net/forms/ 		482 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
90
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=8762bdc96f73363c-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b0047a8901d8ed9f81db3dcb5982114e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5064/bundles/project-v2.js
date
Thu, 18 Apr 2024 06:55:33 GMT
x-amz-version-id
4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via
1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
b12529bf-9059-4e95-9fed-00bc6087588b
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
b12529bf-9059-4e95-9fed-00bc6087588b
last-modified
Wed, 03 Apr 2024 11:15:05 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsG7pkQNZFSamDzFU3IHW0jsateu7LZkTAOG6lIGCeoJLtAHrLQd3sVUVqRT3xoaLUF6JrqL%2BIGe7dEO6bFGPs5HwkDAnPRZr8qljGEUKHMSCOpT1UDirIBnNOtBlKK2K7AcBHeRSc5TE430"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
cf-ray
8762bffb4c6c9f46-FRA
x-amz-cf-id
F2I-oFmH_H3F2pK9yodqqTPji5ASxncepKZkL-ofoPXseGoooDolRA==
logo-1.png
nucitrus.com/wp-content/uploads/2020/08/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/08/logo-1.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
711a09651782ca264ac8c6e9c9faa8c130a003b224a609557a9ab562a52261eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Sat, 22 Aug 2020 22:51:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
30835
expires
Fri, 18 Apr 2025 12:55:33 GMT
nucitrus-logo-white-transparent.png
nucitrus.com/wp-content/uploads/2020/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/08/nucitrus-logo-white-transparent.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
345a4c27f980e160a5defcabbc20fa1fc291f73bfab964ea774362b0f7dadc8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Fri, 28 Aug 2020 23:13:47 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16112
expires
Fri, 18 Apr 2025 12:55:33 GMT
nucitrus-logo-white-transparent-no-words.png
nucitrus.com/wp-content/uploads/2020/09/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/09/nucitrus-logo-white-transparent-no-words.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
132791d2dda8d9b77f348200161022d60c87a7b26b5d3f4b5399a212efb18a0e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Tue, 22 Sep 2020 19:25:14 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
23258
expires
Fri, 18 Apr 2025 12:55:33 GMT
facebook.png
nucitrus.com/wp-content/uploads/2020/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/09/facebook.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
2a8d9f55f5f9e5d992a088028a32e8b9a680ffbe1d136673588008c6d6ccc237

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Mon, 21 Sep 2020 04:35:45 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3778
expires
Fri, 18 Apr 2025 12:55:33 GMT
twitter.png
nucitrus.com/wp-content/uploads/2020/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/09/twitter.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
037c9818bf70bcbe07f8cf013d4009626dfbaa4f253e460c65c244bd79dfdfa0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Mon, 21 Sep 2020 04:35:46 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5896
expires
Fri, 18 Apr 2025 12:55:33 GMT
linkedin.png
nucitrus.com/wp-content/uploads/2020/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/09/linkedin.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
c72c4fbf3c607757aa71e8ef7c2646b7d7bf56a5a4108aed182a9d6bfb21ff01

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Mon, 21 Sep 2020 04:35:45 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4387
expires
Fri, 18 Apr 2025 12:55:33 GMT
instagram.png
nucitrus.com/wp-content/uploads/2020/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nucitrus.com/wp-content/uploads/2020/09/instagram.png
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
3b1d8d4362cecb0bd82aa01939f59f5a4154d4d4b818dd6c923e47c12e5959df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
last-modified
Mon, 21 Sep 2020 04:35:44 GMT
server
Apache
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4650
expires
Fri, 18 Apr 2025 12:55:33 GMT
platform.js
insiderdata360online.com/service/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Apr 2024 06:55:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2762, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
AuCSTeAoO0pgc5S6g/crvVrPCRjaz+xJ6sSrMFN/sQ/N77bGWVMiJyy6TO6lCbWmcKkrf9NnwT21OX7CAxhDSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-2037458.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2037458.js?sv=6
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
63819fbc68703d44b74076029019eaa10e8274ac94c7a4c7fc4cf08789817e63
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/012c59ed953806494778b8060deb0fb6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
AuGChl3jlwIr546TLkxTao09B5DzrGbCr9TM6HzGWOYKY6JczyVN1w==
platform.js
insiderdata360online.com/service/ 		0
0
main.css
nucitrus.com/wp-content/themes/sod-video/assets/css/ 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nucitrus.com/wp-content/themes/sod-video/assets/css/main.css?ran=0.035992446437722814
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
9f6364fb7d8d68fd2a254e3660832791f9c776a4f1c20e610b4f39e06f8aed4e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
gzip
last-modified
Sat, 23 Jul 2022 13:20:14 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11923
expires
Fri, 18 Apr 2025 12:55:33 GMT
765762017234778
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/765762017234778?v=2.9.154&r=stable&domain=nucitrus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ed4cac5660051650b3010c8eb74fb74074aba580cc127315d73e0026b871054
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Apr 2024 06:55:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63196, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
public
x-fb-debug
NnUdUsrq8SVNasvp0Xd5KfG6OrwmNkopU5oAlnNW73TahUGMN3kzpfHLM1oLQZ7TlRKrPIVbjESPSbfRmInihA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C9JH2TBHTH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30582324-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2f4dbda5f8b74096b5742677567a9bd58b2dd7acb450d0fa6b337f6875eb829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87878
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 06:55:33 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30582324-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 05:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4045
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Apr 2024 07:48:08 GMT
modules.9c3b50ddbc74247d2ae3.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2037458.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 17:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
135867
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55691
last-modified
Tue, 16 Apr 2024 17:10:18 GMT
etag
"cb9e8e6a84fdeebfc271614ce016b88e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
LALXHeyrMygFhdshM0oxBIV-Iq3ciZVOmRXZ8_IhI-9czyAATl-C-w==
collect
www.google-analytics.com/j/ 		2 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=522518524&t=pageview&_s=1&dl=https%3A%2F%2Fnucitrus.com%2F&ul=de-de&de=UTF-8&dt=Website%20Design%2C%20SEO%20Marketing%2C%20Website%20Development%2C%20SEO%20Marketing%2C%20Search%20Engine%20Optimization%2C%20Mobile%20App%20Development&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=497415482&gjid=1035162750&cid=1895636070.1713423334&tid=UA-30582324-1&_gid=294444887.1713423334&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=2062948186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nucitrus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=522518524&t=pageview&_s=2&dl=https%3A%2F%2Fnucitrus.com%2F&ul=de-de&de=UTF-8&dt=Website%20Design%2C%20SEO%20Marketing%2C%20Website%20Development%2C%20SEO%20Marketing%2C%20Search%20Engine%20Optimization%2C%20Mobile%20App%20Development&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1895636070.1713423334&tid=UA-30582324-1&_gid=294444887.1713423334&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=221790550
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 17:38:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-C9JH2TBHTH&gtm=45je44f0v9117319483za200&_p=1713423333625&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1895636070.1713423334&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713423333&sct=1&seg=0&dl=https%3A%2F%2Fnucitrus.com%2F&dt=Website%20Design%2C%20SEO%20Marketing%2C%20Website%20Development%2C%20SEO%20Marketing%2C%20Search%20Engine%20Optimization%2C%20Mobile%20App%20Development&en=page_view&_fv=1&_ss=1&tfd=839
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9JH2TBHTH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nucitrus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C9JH2TBHTH&cid=1895636070.1713423334&gtm=45je44f0v9117319483za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9JH2TBHTH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nucitrus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C9JH2TBHTH&cid=1895636070.1713423334&gtm=45je44f0v9117319483za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=585322638
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30582324-1&cid=1895636070.1713423334&jid=497415482&gjid=1035162750&_gid=294444887.1713423334&npa=1&_u=YEBAAUAAAAAAACAAI~&z=137468240
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Apr 2024 06:55:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nucitrus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2571624.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Origin
https://nucitrus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
x-amz-version-id
_rd02ux3UWoVQsATQDf.p_LxkLPJ6umh
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8faa5c93-97bf-4135-aa4e-591a0620d563
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=8762bffcaeef9bac-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8faa5c93-97bf-4135-aa4e-591a0620d563
last-modified
Wed, 10 Apr 2024 18:06:23 UTC
server
cloudflare
etag
W/"020909a609cf986b4a8a88cfb577a8db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-hdb65
cf-ray
8762bffcaeef9bac-FRA
x-amz-cf-id
GUVHJfqpdH1XGq3YzYOpevTX5IHZBKGhp9PqH3YSsMU_H-T9idkW4A==
x-hs-target-asset
collected-forms-embed-js/static-1.491/bundles/project.js
banner.js
js.hs-banner.com/v2/2571624/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/2571624/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2571624.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6970a6f33f13c792b4a16e591f2bd55a174331c57b8470095befa0ab617f927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:34 GMT
x-amz-version-id
gSJVtPbBJ1GT5PKGNMASqdQ8DonMNPyP
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
YZ2Q49XZAFKNMETR
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
741950b3-3675-402e-95d2-55d526d4c2f2
x-envoy-upstream-service-time
156
x-amz-id-2
L7spycW/F+eqT12wIm7PqJnyMp5zXifycZQ5YCXa8S8QMe62jHDH+v/b8MJeEXhykTVz3/QqmhTnKwOmJ/p3om7eI7QdUmE9vO5bXy4voEg=
x-evy-trace-listener
listener_https
x-request-id
741950b3-3675-402e-95d2-55d526d4c2f2
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 14:08:54 GMT
server
cloudflare
etag
W/"633c8d97ba5e5843969cc2d038d16897"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://nucitrus.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-pvzd8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8762bffcaf4c3a4f-FRA
expires
Thu, 18 Apr 2024 07:00:34 GMT
2571624.js
js.hs-analytics.net/analytics/1713423300000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1713423300000/2571624.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2571624.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5b3ebe73501a0e6a94b60f991f0c5469669626adc2c59fca451afffb4351fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:34 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
WFWRWBFD7MFK6C5Q
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
9da0fad2-e97c-47c6-a7e6-9d35e08454cc
x-envoy-upstream-service-time
44
x-amz-id-2
z9BWwnUwgjZeRl7rJCsbANbBkyao4OsiG958taudvYa+zQzOlvxPyAz189Yqzn2vOIYKfb+6V126os9XDndW6zUgZ0ZmUIUP
x-evy-trace-listener
listener_https
x-request-id
9da0fad2-e97c-47c6-a7e6-9d35e08454cc
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 17 Apr 2024 21:19:51 GMT
server
cloudflare
etag
W/"bd54110056acca7f65c95d92d0b0ca75"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8762bffcad905d88-FRA
expires
Thu, 18 Apr 2024 07:00:33 GMT
conversations-embed.js
js.usemessages.com/ 		86 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2571624.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cafac9c7b9f743c27dd8dc5eaca3c0a41d926f4c6e762705c78682e0395b59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:33 GMT
x-amz-version-id
P2QlyIDjib7YmTfsuV6tHRtmiFYiLB89
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
357
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16051/bundles/project.js&cfRay=8762b7408d5130cc-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
b5780572-7e17-4429-be14-d6debc090c81
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b5780572-7e17-4429-be14-d6debc090c81
last-modified
Thu, 11 Apr 2024 15:43:26 UTC
server
cloudflare
etag
W/"f6f2732f734a25219fb3857683c145d3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
cf-ray
8762bffcac0d4d4f-FRA
x-amz-cf-id
EJHBfnwcyD_R-IlSWXY6vB9W5VFH3x-mbPdFVwfA6c4w0HUDwflwgQ==
x-hs-target-asset
conversations-embed/static-1.16051/bundles/project.js
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
7316606
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
T6HuGcrpUWRRnuClc4nRKM6pdvD-GY6oYrVMLsF1Z8cKhojA8QYYJg==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30582324-1&cid=1895636070.1713423334&jid=497415482&npa=1&_u=YEBAAUAAAAAAACAAI~&z=135342203
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30582324-1&cid=1895636070.1713423334&jid=497415482&npa=1&_u=YEBAAUAAAAAAACAAI~&z=135342203
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:55:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=765762017234778&ev=PageView&dl=https%3A%2F%2Fnucitrus.com%2F&rl=&if=false&ts=1713423333906&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713423333904.573998260&cs_est=true&ler=empty&cdl=API_unavailable&it=1713423333684&coo=false&rqm=GET
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2754, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 18 Apr 2024 06:55:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
public
api.hubspot.com/livechat-public/v1/message/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2571624&conversations-embed=static-1.16051&mobile=false&messagesUtk=a343dea677a94bd188e1728e8ca32878&traceId=a343dea677a94bd188e1728e8ca32878
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95aa46cd03826068279983f0764702f171215a5588e535a9933b6be5fbdb44f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://nucitrus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
28c5e648-a816-4708-8607-85e369e29e76
x-envoy-upstream-service-time
140
content-length
1334
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
28c5e648-a816-4708-8607-85e369e29e76
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nucitrus.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-4lngb
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dztrtnj%2Frhws0dkO4fiL5JfsKc%2FJ0q%2BHlS17W7BdvKHbAAlAENKIoAH6deGni6ahOPrcja%2BCoXk3f9qmfWcUlDbDjzm%2BLEWv017mhZzkwYJd0BrL5Ie%2FE4uPNA%2FfRIYF3mUBGOsuERbZ4Wvlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8762bffdf9a5381c-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2571624&conversations-embed=static-1.16051&mobile=false&messagesUtk=a343dea677a94bd188e1728e8ca32878&traceId=a343dea677a94bd188e1728e8ca32878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://nucitrus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://nucitrus.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8762bffd18c2381c-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 18 Apr 2024 06:55:34 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RdaDVIpO3%2FL0IDWNgRrwbn7mYAy1Ayk61mE1hq2j4SdcIkYEhjpYaQ2iZC%2BTe46OrETiJMDGFV9BmdgdsUTAlrbotTQ8fIUZRDENKWltknUVOtofmZ3sJLptO6XVnkNN85zgJW6Aq8ZWieZEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-rb8zm
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
51c7ee83-46f1-4e4d-a81d-0e21e56c1551
x-request-id
51c7ee83-46f1-4e4d-a81d-0e21e56c1551
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2571624&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2626b127340dfdb3d68ab7057c82702a5f4955c1bb1c11590225fa73c160c3d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
432f2e27-fc3e-4d71-af9f-7c8433e9d289
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
432f2e27-fc3e-4d71-af9f-7c8433e9d289
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nucitrus.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-72bsp
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8762bffd98029bac-FRA
a343dea677a94bd188e1728e8ca32878
app.hubspot.com/conversations-visitor/2571624/threads/utk/ Frame 4C4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/2571624/threads/utk/a343dea677a94bd188e1728e8ca32878?uuid=a5960e6575cf4b9b8d13024e9ef8a49a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=nucitrus.com&inApp53=false&messagesUtk=a343dea677a94bd188e1728e8ca32878&url=https%3A%2F%2Fnucitrus.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nucitrus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
false
age
2094
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8762bfffdb2b3611-FRA
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18503/html/index.html&cfRay=8762bfffdb2b3611&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2571624%2Fthreads%2Futk%2Fa343dea677a94bd188e1728e8ca32878%3Fuuid%3Da5960e6575cf4b9b8d13024e9ef8a49a%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dnucitrus.com%26inApp53%3Dfalse%26messagesUtk%3Da343dea677a94bd188e1728e8ca32878%26url%3Dhttps%253A%252F%252Fnucitrus.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fnucitrus.com%2F&cfenv=prod&pdt=2024-04-18&csp=ro
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 06:55:34 GMT
etag
W/"6d867d1900900d5bcc06455bfd41ef5b"
last-modified
Thu, 11 Apr 2024 15:43:26 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8762bfffdb2b3611&resource=conversations-visitor-ui/static-1.18503/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id
AzG4tKhvWlOvVuQrTia4cOaIa68IRYB2qN_qpDvKTEyC9hCb22GE8Q==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
Tddh9AlBdjs8lSS7as0TIFsKyTzs17RN
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
4
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-hdb65
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.18503/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
e47ac3a7-9e9a-4b6f-a15b-25b4acdd193d
x-request-id
e47ac3a7-9e9a-4b6f-a15b-25b4acdd193d
location.php
nucitrus.com/ 		39 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nucitrus.com/location.php
Requested by
Host: nucitrus.com
URL: https://nucitrus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.220.136 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.nucitrus.com
Software
Apache /
Resource Hash
137f8dd0843e71c588f83bcf77889338ed07d696ce2060efefdb57675c561b00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://nucitrus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Apr 2024 06:55:34 GMT
content-encoding
gzip
server
Apache
content-length
57
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insiderdata360online.com
URL
https://insiderdata360online.com/service/platform.js?ran=0.8279395272939845
Domain
insiderdata360online.com
URL
https://insiderdata360online.com/service/platform.js?ran=0.362920885569574

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| fbq function| _fbq function| hj object| _hjSettings object| _hsq function| getCookieNow function| closeCTA function| myCTA string| home_img_url string| site_url object| page_seos function| mySubFunction string| the_url number| the_time2 string| agent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| gaplugins object| gaGlobal object| gaData object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| __hsCollectedFormsDebug object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded

12 Cookies

Domain/Path Name / Value
.hsforms.net/ Name: __cf_bm
Value: pDwP_DroMhTberpqquJfc8pSkF9dTbKl8rOHzXf0EK0-1713423333-1.0.1.1-ePONli0EJGbhCZCnHWRo3NjJN5uW6wVSXIcd2yZtANVZ4jltRbNC2XFwyDuZ8H8i8BcF4JeCB3wC2GFlH5H4SA
.nucitrus.com/ Name: _gcl_au
Value: 1.1.1550852627.1713423334
.nucitrus.com/ Name: _gid
Value: GA1.2.294444887.1713423334
.nucitrus.com/ Name: _gat_gtag_UA_30582324_1
Value: 1
.nucitrus.com/ Name: _ga_C9JH2TBHTH
Value: GS1.1.1713423333.1.0.1713423333.60.0.0
.nucitrus.com/ Name: _ga
Value: GA1.1.1895636070.1713423334
.nucitrus.com/ Name: _hjSessionUser_2037458
Value: eyJpZCI6ImU1OWJmNjU4LTE0ODktNTk2Ny05NjNiLTM5MWM2NGNiM2ZiMyIsImNyZWF0ZWQiOjE3MTM0MjMzMzM4ODUsImV4aXN0aW5nIjp0cnVlfQ==
.nucitrus.com/ Name: _hjSession_2037458
Value: eyJpZCI6ImMxNjJlZDhjLTUxMmUtNGMzNC1iMTU0LTQ4MDc5NWYwOWViYyIsImMiOjE3MTM0MjMzMzM4ODYsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.nucitrus.com/ Name: _fbp
Value: fb.1.1713423333904.573998260
.nucitrus.com/ Name: messagesUtk
Value: a343dea677a94bd188e1728e8ca32878
.hubspot.com/ Name: __cf_bm
Value: YOuN3dUu3ZadN8Ar6.YeMAEvUH1dFfBwhBv5Af2T2wk-1713423334-1.0.1.1-3_nzy8u84A3ZFCyCYrGzqO.bZM7sRrS469KtQBd1TV0AzJ3mAYfz8HUd8U6hjXCicC0PgW.4rSHpVhGIXMfgwA
.hubspot.com/ Name: _cfuvid
Value: 9BtgZwIoAi4qzZ5EuhPSb7cG5qp8eHSEIA6Fw2Zrb6A-1713423334975-0.0.1.1-604800000

8 Console Messages

Source Level URL
Text
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/765762017234778?v=2.9.154&r=stable&domain=nucitrus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nucitrus.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
connect.facebook.net
forms.hscollectedforms.net
insiderdata360online.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
nucitrus.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
insiderdata360online.com
13.32.27.21
18.66.102.106
2001:4860:4802:32::36
2606:4700:4400::ac40:991b
2606:4700::6810:4c8e
2606:4700::6810:6dfe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8dd1
2606:4700::6811:afc9
2606:4700::6812:8d77
2a00:1450:4001:80b::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
67.225.220.136
037c9818bf70bcbe07f8cf013d4009626dfbaa4f253e460c65c244bd79dfdfa0
132791d2dda8d9b77f348200161022d60c87a7b26b5d3f4b5399a212efb18a0e
137f8dd0843e71c588f83bcf77889338ed07d696ce2060efefdb57675c561b00
2626b127340dfdb3d68ab7057c82702a5f4955c1bb1c11590225fa73c160c3d0
2a8d9f55f5f9e5d992a088028a32e8b9a680ffbe1d136673588008c6d6ccc237
31cafac9c7b9f743c27dd8dc5eaca3c0a41d926f4c6e762705c78682e0395b59
345a4c27f980e160a5defcabbc20fa1fc291f73bfab964ea774362b0f7dadc8e
3b1d8d4362cecb0bd82aa01939f59f5a4154d4d4b818dd6c923e47c12e5959df
4ed4cac5660051650b3010c8eb74fb74074aba580cc127315d73e0026b871054
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
63819fbc68703d44b74076029019eaa10e8274ac94c7a4c7fc4cf08789817e63
6c471949359fb47be54348b3df27f06b92aa383b5f5fbc96a0ae1d40f0d7866c
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
711a09651782ca264ac8c6e9c9faa8c130a003b224a609557a9ab562a52261eb
7a5b3ebe73501a0e6a94b60f991f0c5469669626adc2c59fca451afffb4351fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
95aa46cd03826068279983f0764702f171215a5588e535a9933b6be5fbdb44f0
9f6364fb7d8d68fd2a254e3660832791f9c776a4f1c20e610b4f39e06f8aed4e
a2f4dbda5f8b74096b5742677567a9bd58b2dd7acb450d0fa6b337f6875eb829
c6970a6f33f13c792b4a16e591f2bd55a174331c57b8470095befa0ab617f927
c72c4fbf3c607757aa71e8ef7c2646b7d7bf56a5a4108aed182a9d6bfb21ff01
d168b81921b3565a183f5c3e5e93cd46966b7b644c096922328f4a9c6f5ea353
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f7e8067d8fd0102f641f3af2c26b740662b05c214cd0a7c80ab5816792d2b56b
fcd765b25a2eca51ef7d51bc6243544bb0324acd90807dbe714db147dead1527