nektareczemastudy.com Open in urlscan Pro
209.17.116.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1K...
Submission Tags: falconsandbox
Submission: On November 04 via api (November 4th 2024, 8:59:29 am UTC) from US — Scanned from CA

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 21 HTTP transactions. The main IP is 209.17.116.160, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is nektareczemastudy.com.
TLS certificate: Issued by Network Solutions RSA DV SSL CA 3 on November 8th 2023. Valid for: a year.

This is the only time nektareczemastudy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	209.17.116.160 209.17.116.160	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
2	173.194.207.95 173.194.207.95	15169 (GOOGLE) (GOOGLE)
1	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
1 2	159.203.116.215 159.203.116.215	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
21	5

15 209.17.116.160 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)

nektareczemastudy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.203.116.215 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: galengateway.com

www.galengateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nektareczemastudy.com nektareczemastudy.com	2 MB
2	gstatic.com fonts.gstatic.com	84 KB
2	galengateway.com 1 redirects www.galengateway.com	511 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	73 KB
21	5

	Domain	Requested by
15	nektareczemastudy.com	nektareczemastudy.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.galengateway.com	1 redirects nektareczemastudy.com
2	fonts.googleapis.com	nektareczemastudy.com
1	www.googletagmanager.com	nektareczemastudy.com
21	5

This site contains no links.

Subject Issuer	Validity	Valid
www.nektareczemastudy.com Network Solutions RSA DV SSL CA 3	`2023-11-08` - `2024-11-08`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
galengateway.com R11	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw
Frame ID: 0D479A469410216ADAB636E5A3FCA736
Requests: 20 HTTP requests in this frame

Frame: https://www.galengateway.com/online/source.php?study_id=571&PHPSESSID=nt4vtsajnpacvc6hf27dvhsof4
Frame ID: 80F6C0A1E367B5C6FD2029D603B2643C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eczema Research Study

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

1807 kB
Transfer

2161 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.galengateway.com/online/?study_id=571 HTTP 302
https://www.galengateway.com/online/source.php?study_id=571&PHPSESSID=nt4vtsajnpacvc6hf27dvhsof4

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nektareczemastudy.com/ 8 KB
4 KB 16132ms
266ms Document
text/html 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

781fb0ce04af8286fc0f8ec3778633354f360379a8f01315acca510100372c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 04 Nov 2024 08:59:22 GMT
etag: W/"216f-6235af86a2a80"
last-modified: Mon, 30 Sep 2024 19:11:22 GMT
referrer-policy: no-referrer-when-downgrade
server: openresty/1.25.3.1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
x-xss-protection: "1; mode=block"

GET
H2 200 css
fonts.googleapis.com/ 3 KB
676 B 188ms
87ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

1982b6201c77db58706520364d5431aece4644dbc5cf1a7509d4c0e04184710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 08:59:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 08:59:22 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 07:01:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 401 B
761 B 159ms
59ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Special+Elite

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

5fdccb5a69213e892efd748de81516d23b88535add51c57447284b3686bda359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 08:59:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 08:59:22 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 07:25:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap-3.3.4.css
nektareczemastudy.com/css/ 138 KB
28 KB 113ms
110ms Stylesheet
text/css 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/css/bootstrap-3.3.4.css

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

352e33365192220591f84f2af59a964af7f2ddd2fe6dac3c0ee7dfb915e71337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"2298d-5fab9fb720280"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: text/css
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Tue, 02 May 2023 18:19:38 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 scrolling-nav.css
nektareczemastudy.com/css/ 4 KB
1 KB 210ms
207ms Stylesheet
text/css 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/css/scrolling-nav.css

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

64c73cd33e759ee9891e10707ceb284c23d58674073f4b2738ab9434abf731e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"e16-609958184b900"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: text/css
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Tue, 07 Nov 2023 20:06:28 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 one-page-wonder.css
nektareczemastudy.com/css/ 3 KB
1 KB 211ms
208ms Stylesheet
text/css 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/css/one-page-wonder.css

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

59074382750eb6e309ab39880ec49d7cc20a42c32d1ed52a0a87a518f2c1e076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cf7-609957db42900"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: text/css
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Tue, 07 Nov 2023 20:05:24 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 custom.css
nektareczemastudy.com/css/ 862 B
1 KB 210ms
207ms Stylesheet
text/css 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/css/custom.css

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

12f25223c54901c6efd5290ed0ba259c9a5df310cde32dcccfc7458835980a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
etag: "35e-56a99ac12b140"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 862
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: text/css
last-modified: Tue, 24 Apr 2018 15:18:53 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 SYQbut.png
nektareczemastudy.com/images/ 5 KB
5 KB 1449ms
1446ms Image
image/png 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nektareczemastudy.com/images/SYQbut.png

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

fdb79936e6ccb8542a1714d1a24a59cf65327741ad5bfc96090e57bd0f106a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
etag: "13ec-5fab9d101c080"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 5100
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: image/png
last-modified: Tue, 02 May 2023 18:07:46 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 about_image.png
nektareczemastudy.com/images/ 352 KB
353 KB 211ms
209ms Image
image/png 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nektareczemastudy.com/images/about_image.png

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

01bf89428a6c677211923349baf951b7d18a820f59bda84c283d8bf8e339f30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
etag: "581bc-609956ecd7680"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 360892
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: image/png
last-modified: Tue, 07 Nov 2023 20:01:14 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 jquery-1.11.3.min.js Show response
nektareczemastudy.com/js/ 94 KB
38 KB 279ms
277ms Script
application/javascript 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/js/jquery-1.11.3.min.js

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"176d5-528726676d580"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Sun, 03 Jan 2016 18:44:54 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap-3.3.4.js Show response
nektareczemastudy.com/js/ 66 KB
18 KB 1137ms
1135ms Script
application/javascript 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/js/bootstrap-3.3.4.js

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

1a3746ad233f263f5f17f03c5dce418152965c5f86f479e1dfcdf75c3589f626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"10896-52786a1034400"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Wed, 23 Dec 2015 01:27:44 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 jquery.easing.min.js Show response
nektareczemastudy.com/js/ 5 KB
2 KB 184ms
183ms Script
application/javascript 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/js/jquery.easing.min.js

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"15bc-5259b4dbddb80"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.25.3.1
last-modified: Sat, 28 Nov 2015 15:17:18 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 scrolling-nav.js Show response
nektareczemastudy.com/js/ 612 B
927 B 185ms
184ms Script
application/javascript 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/js/scrolling-nav.js

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

3d5a6042f3bbecc36d4f8fbc63160a05d7335f7caeb208e6e07cfa0a707ab79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
etag: "264-5259b4dbddb80"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 612
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: application/javascript
last-modified: Sat, 28 Nov 2015 15:17:18 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
73 KB 172ms
74ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VX2GZJ

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

62f0bf1a811ebf5e8a82d5c780e76b2385af4c7f3911eb03fb7f2ee9c03c79bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 08:59:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 08:59:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74027
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1

200
OK

source.php
www.galengateway.com/online/ Frame 80F6
Redirect Chain

https://www.galengateway.com/online/?study_id=571
https://www.galengateway.com/online/source.php?study_id=571&PHPSESSID=nt4vtsajnpacvc6hf27dvhsof4

0
0

158ms
157ms

Document
text/html

159.203.116.215
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.galengateway.com/online/source.php?study_id=571&PHPSESSID=nt4vtsajnpacvc6hf27dvhsof4
Requested by: Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.203.116.215 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: galengateway.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1142
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Nov 2024 08:59:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 1504
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Nov 2024 08:59:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.galengateway.com/online/source.php?study_id=571&PHPSESSID=nt4vtsajnpacvc6hf27dvhsof4
Pragma: no-cache
Server: Apache/2.4.18 (Ubuntu)

GET
H2 404 url
nektareczemastudy.com/css/ 575 B
575 B 1230ms
1229ms Image
text/html 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nektareczemastudy.com/css/url

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/css/bootstrap-3.3.4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/css/bootstrap-3.3.4.css

Response headers

strict-transport-security: max-age=31536000
etag: "23f-617cde9496008"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 575
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: text/html
last-modified: Mon, 06 May 2024 19:16:49 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 mainimage.png
nektareczemastudy.com/images/ 1 MB
1 MB 1229ms
1228ms Image
image/png 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nektareczemastudy.com/images/mainimage.png

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/css/one-page-wonder.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

e6b6b7824a718dd6b7dd4848d9322057a3e3fbad60ec5920544e6ec8de828944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/css/one-page-wonder.css

Response headers

strict-transport-security: max-age=31536000
etag: "1279be-5fab9ccd5a300"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 1210814
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: image/png
last-modified: Tue, 02 May 2023 18:06:36 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H2 200 question_bg.png
nektareczemastudy.com/images/ 9 KB
9 KB 1228ms
1227ms Image
image/png 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nektareczemastudy.com/images/question_bg.png

Requested by

Host: nektareczemastudy.com
URL: https://nektareczemastudy.com/css/scrolling-nav.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

6a2670380db7a6a4bdbb86d3e22b7bf467c636847214a24e14509fc8bf851f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/css/scrolling-nav.css

Response headers

strict-transport-security: max-age=31536000
etag: "240a-532a827ca09c0"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
content-length: 9226
date: Mon, 04 Nov 2024 08:59:22 GMT
x-xss-protection: "1; mode=block"
content-type: image/png
last-modified: Thu, 12 May 2016 17:04:47 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

GET
H3 200 XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
fonts.gstatic.com/s/specialelite/v18/ 52 KB
52 KB 103ms
50ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/specialelite/v18/XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Special+Elite

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nektareczemastudy.com
Referer: https://fonts.googleapis.com/

Response headers

age: 360431
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 04:52:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 04:52:11 GMT
last-modified: Tue, 19 Apr 2022 19:00:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53296
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 50ms
50ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nektareczemastudy.com
Referer: https://fonts.googleapis.com/

Response headers

age: 459152
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 01:26:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 01:26:54 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H2 404 favicon.ico
nektareczemastudy.com/ 575 B
841 B 105ms
104ms Other
text/html 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nektareczemastudy.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nektareczemastudy.com/?fbclid=IwZXh0bgNhZW0BMABhZGlkAasVeITKBBABHUCI94Nl-BrIQJqFxKe5hyxa_HqnJLRieVNXvVm86nVlHmPQn5rE1KlF_A_aem_MJwE7oLNfu0YlTPCuk_8Kw

Response headers

strict-transport-security: max-age=31536000
etag: "23f-617cde9496008"
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 575
date: Mon, 04 Nov 2024 08:59:26 GMT
x-xss-protection: "1; mode=block"
content-type: text/html
last-modified: Mon, 06 May 2024 19:16:49 GMT
server: openresty/1.25.3.1
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nektareczemastudy.com/css/url Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nektareczemastudy.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nektareczemastudy.com
www.galengateway.com
www.googletagmanager.com
159.203.116.215
172.217.222.97
173.194.204.94
173.194.207.95
209.17.116.160
01bf89428a6c677211923349baf951b7d18a820f59bda84c283d8bf8e339f30e
12f25223c54901c6efd5290ed0ba259c9a5df310cde32dcccfc7458835980a7a
1982b6201c77db58706520364d5431aece4644dbc5cf1a7509d4c0e04184710d
1a3746ad233f263f5f17f03c5dce418152965c5f86f479e1dfcdf75c3589f626
352e33365192220591f84f2af59a964af7f2ddd2fe6dac3c0ee7dfb915e71337
3d5a6042f3bbecc36d4f8fbc63160a05d7335f7caeb208e6e07cfa0a707ab79f
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
59074382750eb6e309ab39880ec49d7cc20a42c32d1ed52a0a87a518f2c1e076
5fdccb5a69213e892efd748de81516d23b88535add51c57447284b3686bda359
62f0bf1a811ebf5e8a82d5c780e76b2385af4c7f3911eb03fb7f2ee9c03c79bf
64c73cd33e759ee9891e10707ceb284c23d58674073f4b2738ab9434abf731e5
6a2670380db7a6a4bdbb86d3e22b7bf467c636847214a24e14509fc8bf851f7f
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
781fb0ce04af8286fc0f8ec3778633354f360379a8f01315acca510100372c51
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
e6b6b7824a718dd6b7dd4848d9322057a3e3fbad60ec5920544e6ec8de828944
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba
fdb79936e6ccb8542a1714d1a24a59cf65327741ad5bfc96090e57bd0f106a5b

nektareczemastudy.com Open in urlscan Pro 209.17.116.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

1807 kBTransfer

2161 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

nektareczemastudy.com Open in urlscan Pro
209.17.116.160 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

1807 kB
Transfer

2161 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions