urlscan.io logo urlscan.io
SecurityTrails logo

www.nfeiras.com Open in urlscan Pro
116.202.219.184  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nfeiras.com/wild-nature-expo/
Submission: On May 20 via manual from US — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 116.202.219.184, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.nfeiras.com.
TLS certificate: Issued by R3 on April 12th 2022. Valid for: 3 months.
This is the only time www.nfeiras.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 116.202.219.184 24940 (HETZNER-AS)
2 104.16.87.20 13335 (CLOUDFLAR...)
4 88.198.63.92 24940 (HETZNER-AS)
2 142.250.181.232 15169 (GOOGLE)
3 216.58.212.174 15169 (GOOGLE)
1 108.177.15.156 15169 (GOOGLE)
1 142.250.186.164 15169 (GOOGLE)
19 7
6    116.202.219.184 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.219.202.116.clients.your-server.de
www.nfeiras.com
www.nmessen.com
2    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    88.198.63.92 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: neventum.com
images.neventum.com
2    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
3    216.58.212.174 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f174.1e100.net
www.google-analytics.com
1    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
5 nmessen.com
www.nmessen.com
727 KB
4 neventum.com
images.neventum.com
142 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
108 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 7
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
440 B
1 nfeiras.com
www.nfeiras.com
17 KB
19 8
Domain Requested by
5 www.nmessen.com www.nfeiras.com
4 images.neventum.com www.nfeiras.com
www.nmessen.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.nfeiras.com
www.googletagmanager.com
2 cdn.jsdelivr.net www.nfeiras.com
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.nfeiras.com
19 8
Subject Issuer Validity Valid
nfeiras.com
R3		 2022-04-12 -
2022-07-11		 3 months crt.sh
nmessen.com
R3		 2022-05-01 -
2022-07-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
www.nadmin.neventum.com
Go Daddy Secure Certificate Authority - G2		 2021-11-16 -
2022-10-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.nfeiras.com/wild-nature-expo/
Frame ID: 90F34404DAC91F7C0DEBFDF3BF463B51
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wild Nature Expo 2021

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

1028 kB
Transfer

3839 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nfeiras.com/wild-nature-expo/ 		64 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
54ac000a30eb4bb84e3e9a9a16530ee962d3ab1ba6856629602d687b7c1911ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Accept-Ranges
bytes
Age
44
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
16785
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 May 2022 23:49:20 GMT
Expires
Sat, 21 May 2022 23:48:36 GMT
Pragma
cache
Server
nginx
Vary
Accept-Encoding
Via
1.1 varnish (Varnish/6.2)
X-Cache
HIT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Varnish
23208141 14337227
app.css
www.nmessen.com/css/ 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nmessen.com/css/app.css
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
040b9c82bb3c36915fcdb5efc174471f4234e14185c48580ae3801be07f87c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:49:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
87
X-Cache
HIT
Connection
keep-alive
Content-Length
23308
Last-Modified
Wed, 16 Mar 2022 11:45:32 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"6231cddc-27128"
Vary
Accept-Encoding
X-Varnish
23078222 2530843
Via
1.1 varnish (Varnish/6.2)
Accept-Ranges
bytes
Content-Type
text/css
cookieconsent.css
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.0/dist/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.0/dist/cookieconsent.css
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ba5d9d7529dd290c9315bfb3c0c876734a4975352f5fa5c1e10211833955a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5236052
x-jsd-version
2.8.0
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19174-FRA, cache-ams21031-AMS
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4947-ujdqvg/hVj/0HeYXpVLlMbUeDsI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eISHu92W7EbWS8rL1daKU0ARBU6esXe81vtd8%2FaELJQMTifiQ1To6YXjZrBmtZ9EyX4UAUtI4Vo21bVvKaysyKv%2BxL%2BW8iCONUje2cLO%2FZddFsc8E2V93i%2B3wN9EQ3unyK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70e8f7e66d1f4c07-AMS
600ea1371ddd9-screenshot-2021-01-25-at-11.45.01.png
images.neventum.com/logos/2021/24/160/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.neventum.com/logos/2021/24/160/600ea1371ddd9-screenshot-2021-01-25-at-11.45.01.png
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.63.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
neventum.com
Software
nginx/1.1.19 /
Resource Hash
87eb430800cc5820035aa9eebbf08c3234e61e69b590608af24b32202e7c927d

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:50:42 GMT
Last-Modified
Thu, 16 Sep 2021 09:12:58 GMT
Server
nginx/1.1.19
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22518
Expires
Sat, 20 May 2023 23:50:42 GMT
cookieconsent.js
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.0/dist/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.0/dist/cookieconsent.js
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ebe94c6a241ea1f9fe16c39c0b25784a704e16eb438fa4d1553b3d6b5f9bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
76891
x-jsd-version
2.8.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-ams21045-AMS
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4c2d-VqQconQBpV735MNkqq7sIUOJdWk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHPhh9zJShs6uuxs9uelCE7hvTXHi2itHFxPjbvxvolvKJHoz1DLyuwD3xsmZJEqUF1QRO1v1NTgS%2BjdJ48hZ3ohQJjWkAPmra8ojH8RJyZRuRCDeEbfHEa4KBJjR30J%2FH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70e8f7e72de04c07-AMS
manifest.js
www.nmessen.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nmessen.com/js/manifest.js
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
42d4669cebd905d95a87836f137b77c34db8030f05353eaac705c925106d092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:49:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
71
X-Cache
HIT
Connection
keep-alive
Content-Length
1682
Last-Modified
Wed, 16 Mar 2022 11:45:32 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
"6231cddc-187d"
Vary
Accept-Encoding
X-Varnish
23078224 22681056
Via
1.1 varnish (Varnish/6.2)
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
vendor.js
www.nmessen.com/js/ 		1 MB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nmessen.com/js/vendor.js
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
846748cad34d89d91aa006b6830ad4628a59f2a2ae270cd9a9730d9c521acc13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:49:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
87
X-Cache
HIT
Connection
keep-alive
Content-Length
324511
Last-Modified
Wed, 16 Mar 2022 11:45:32 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"6231cddc-12a75e"
Vary
Accept-Encoding
X-Varnish
23208146 18372446
Via
1.1 varnish (Varnish/6.2)
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
app.js
www.nmessen.com/js/ 		2 MB
381 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nmessen.com/js/app.js
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
271522e34829a2721b07d4396464fcdf87098b3d51560fdbe23660e69af1d2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:49:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
72
X-Cache
HIT
Connection
keep-alive
Content-Length
389893
Last-Modified
Wed, 16 Mar 2022 11:45:32 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
"6231cddc-1d6f9d"
Vary
Accept-Encoding
X-Varnish
23208148 21494722
Via
1.1 varnish (Varnish/6.2)
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
init.js
www.nmessen.com/js/cookieconsent/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nmessen.com/js/cookieconsent/init.js
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.219.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.219.202.116.clients.your-server.de
Software
nginx /
Resource Hash
acdf057598c21e8ef80d1dd0175e0b12d436ef3a5204786a6ebb926ea0b89c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:49:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
87
X-Cache
HIT
Connection
keep-alive
Content-Length
3191
Last-Modified
Fri, 20 May 2022 10:38:51 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"62876fbb-3193"
Vary
Accept-Encoding
X-Varnish
23078229 18372449
Via
1.1 varnish (Varnish/6.2)
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
gtm.js
www.googletagmanager.com/ 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSQJGTP
Requested by
Host: www.nfeiras.com
URL: https://www.nfeiras.com/wild-nature-expo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d5539838150d56b8d6b9aad130208a998165161330f3a7e85a75321d59bc080f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:49:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39916
x-xss-protection
0
last-modified
Fri, 20 May 2022 22:23:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 May 2022 23:49:21 GMT
MarkPro-Medium.woff2
images.neventum.com/fonts/markpro/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.neventum.com/fonts/markpro/MarkPro-Medium.woff2?v=1
Requested by
Host: www.nmessen.com
URL: https://www.nmessen.com/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.63.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
neventum.com
Software
nginx/1.1.19 /
Resource Hash
37f70cbf52dc5116a3a0f0c3b3286517e41559a121d2e866e07e4c212801a20b

Request headers

Referer
https://www.nmessen.com/
Origin
https://www.nfeiras.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:50:42 GMT
Last-Modified
Tue, 05 Nov 2019 16:32:07 GMT
Server
nginx/1.1.19
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39652
Expires
Sat, 20 May 2023 23:50:42 GMT
MarkPro-Regular.woff2
images.neventum.com/fonts/markpro/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.neventum.com/fonts/markpro/MarkPro-Regular.woff2?v=1
Requested by
Host: www.nmessen.com
URL: https://www.nmessen.com/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.63.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
neventum.com
Software
nginx/1.1.19 /
Resource Hash
a5afbf43dc2216fbd93e5136cf65f93157ca494dcea6dba255dbecd67e8e474a

Request headers

Referer
https://www.nmessen.com/
Origin
https://www.nfeiras.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:50:42 GMT
Last-Modified
Tue, 05 Nov 2019 16:32:07 GMT
Server
nginx/1.1.19
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41596
Expires
Sat, 20 May 2023 23:50:42 GMT
MarkPro-Black.woff2
images.neventum.com/fonts/markpro/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.neventum.com/fonts/markpro/MarkPro-Black.woff2?v=1
Requested by
Host: www.nmessen.com
URL: https://www.nmessen.com/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.63.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
neventum.com
Software
nginx/1.1.19 /
Resource Hash
59e5bec5ce61612052f266fdd9eb030fb103d9e0fb6d9adc54212700747944f2

Request headers

Referer
https://www.nmessen.com/
Origin
https://www.nfeiras.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 23:50:42 GMT
Last-Modified
Tue, 05 Nov 2019 16:32:07 GMT
Server
nginx/1.1.19
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40840
Expires
Sat, 20 May 2023 23:50:42 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQJGTP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5414
date
Fri, 20 May 2022 22:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 21 May 2022 00:19:08 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-71NTEHL98L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQJGTP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e7d31d3eb50dcaa2652d3f4cd532e4c083dfb0faa7beba66ce2e256e3c8fd0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:49:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70188
x-xss-protection
0
expires
Fri, 20 May 2022 23:49:22 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1966344328&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nfeiras.com%2Fwild-nature-expo%2F&ul=en-us&de=UTF-8&dt=Wild%20Nature%20Expo%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=481970406&gjid=1395827317&cid=670535508.1653090565&tid=UA-25310998-1&_gid=380424040.1653090565&_r=1&gtm=2wg5b0PSQJGTP&z=1683457590
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nfeiras.com/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 May 2022 23:49:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nfeiras.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-71NTEHL98L&gtm=2oe5b0&_p=1966344328&_z=ccd.tfB&cid=670535508.1653090565&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.nfeiras.com%2Fwild-nature-expo%2F%23tradeshow&sid=1653090564&sct=1&seg=0&dt=Wild%20Nature%20Expo%202021&en=page_view&_fv=1&_ss=1&_eu=C
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-71NTEHL98L&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 23:49:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nfeiras.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-25310998-1&cid=670535508.1653090565&jid=481970406&gjid=1395827317&_gid=380424040.1653090565&_u=YEBAAEAAAAAAAC~&z=1811290952
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nfeiras.com/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 20 May 2022 23:49:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.nfeiras.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-25310998-1&cid=670535508.1653090565&jid=481970406&_u=YEBAAEAAAAAAAC~&z=1676982198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.nfeiras.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 23:49:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer function| initCookieConsent object| webpackJsonp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| _ function| onYouTubeIframeAPIReady

4 Cookies

Domain/Path Name / Value
.nfeiras.com/ Name: _gid
Value: GA1.2.380424040.1653090565
.nfeiras.com/ Name: _gat_UA-25310998-1
Value: 1
.nfeiras.com/ Name: _ga
Value: GA1.1.670535508.1653090565
.nfeiras.com/ Name: _ga_71NTEHL98L
Value: GS1.1.1653090564.1.0.1653090565.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
images.neventum.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.nfeiras.com
www.nmessen.com
104.16.87.20
108.177.15.156
116.202.219.184
142.250.181.232
142.250.186.164
216.58.212.174
88.198.63.92
040b9c82bb3c36915fcdb5efc174471f4234e14185c48580ae3801be07f87c6f
271522e34829a2721b07d4396464fcdf87098b3d51560fdbe23660e69af1d2a3
37f70cbf52dc5116a3a0f0c3b3286517e41559a121d2e866e07e4c212801a20b
42d4669cebd905d95a87836f137b77c34db8030f05353eaac705c925106d092f
54ac000a30eb4bb84e3e9a9a16530ee962d3ab1ba6856629602d687b7c1911ba
59e5bec5ce61612052f266fdd9eb030fb103d9e0fb6d9adc54212700747944f2
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
846748cad34d89d91aa006b6830ad4628a59f2a2ae270cd9a9730d9c521acc13
87eb430800cc5820035aa9eebbf08c3234e61e69b590608af24b32202e7c927d
91ba5d9d7529dd290c9315bfb3c0c876734a4975352f5fa5c1e10211833955a5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ebe94c6a241ea1f9fe16c39c0b25784a704e16eb438fa4d1553b3d6b5f9bd3
a5afbf43dc2216fbd93e5136cf65f93157ca494dcea6dba255dbecd67e8e474a
acdf057598c21e8ef80d1dd0175e0b12d436ef3a5204786a6ebb926ea0b89c40
d5539838150d56b8d6b9aad130208a998165161330f3a7e85a75321d59bc080f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d31d3eb50dcaa2652d3f4cd532e4c083dfb0faa7beba66ce2e256e3c8fd0e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629