urlscan.io logo urlscan.io
SecurityTrails logo

nmexa.com Open in urlscan Pro
198.12.236.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/grant-jm
Effective URL: https://nmexa.com/grant/jm/
Submission: On December 02 via manual from JM — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 198.12.236.127, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is nmexa.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 16th 2024. Valid for: a year.
This is the only time nmexa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.17.112.233 13335 (CLOUDFLAR...)
11 198.12.236.127 26496 (AS-26496-...)
2 2a00:1450:400... 15169 (GOOGLE)
3 157.240.253.35 32934 (FACEBOOK)
1 151.101.194.137 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 172.217.18.3 15169 (GOOGLE)
1 172.67.8.141 13335 (CLOUDFLAR...)
21 8
1    104.17.112.233 (None, )

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
11    198.12.236.127 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 127.236.12.198.host.secureserver.net
nmexa.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
fonts.gstatic.com
1    172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
Apex Domain
Subdomains		 Transfer
11 nmexa.com
nmexa.com
394 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
3 KB
2 gstatic.com
fonts.gstatic.com
48 KB
2 amung.us
widgets.amung.us — Cisco Umbrella Rank: 31231
whos.amung.us — Cisco Umbrella Rank: 22332
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
33 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 21195
806 B
21 7
Domain Requested by
11 nmexa.com nmexa.com
3 www.facebook.com nmexa.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com nmexa.com
1 whos.amung.us widgets.amung.us
1 widgets.amung.us nmexa.com
1 code.jquery.com nmexa.com
1 tinyurl.com 1 redirects
21 8

This site contains no links.

Subject Issuer Validity Valid
nmexa.com
Starfield Secure Certificate Authority - G2		 2024-02-16 -
2025-02-16		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
amung.us
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nmexa.com/grant/jm/
Frame ID: DE61230E77ABD5C6C36B48AEFD33FE74
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RASEDCOM

Page URL History Show full URLs

  1. https://tinyurl.com/grant-jm HTTP 301
    https://nmexa.com/grant/jm/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

483 kB
Transfer

566 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/grant-jm HTTP 301
    https://nmexa.com/grant/jm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nmexa.com/grant/jm/
Redirect Chain
  • https://tinyurl.com/grant-jm
  • https://nmexa.com/grant/jm/
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
6668ca4a2beb812199c681864c46108e5c1fe3ab0ace21ae9f8502d9ea4a3413

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
4636
content-type
text/html
date
Mon, 02 Dec 2024 12:16:54 GMT
etag
"32e0670-508d-620f006f19740-br"
last-modified
Sat, 31 Aug 2024 00:45:41 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status
HIT
cf-ray
8ebb4028fb04dbbd-FRA
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 12:16:52 GMT
location
https://nmexa.com/grant/jm/
referrer-policy
unsafe-url
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex
x-tinyurl-redirect
eyJpdiI6IlpPTUlFSjhDa1dYbnNNaUZiU2NwTGc9PSIsInZhbHVlIjoiRjBTT1k5eHdIeGxoWkFsTW0yUGd0cEhRKzYyaFB1dXNWbDdRMmVDQVlVbjBFalE1VHZQRzU1K1dvcmNpSlRLU3FjOGtCV0ZDK2RUUmtuekJDcVl0OXc9PSIsIm1hYyI6IjdkNzEyZjVjOGI1ODVjYTE4ZTNiNGQ1NmRhY2ZhYzgwMjM1MjgyZTMyMGIwOGNlMDBmNmU3MGUyMDIzOTQ0ZDYiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type
redirect
x-xss-protection
1; mode=block
font-awesome.min.css
nmexa.com/grant/jm/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nmexa.com/grant/jm/css/font-awesome.min.css
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
703
content-encoding
br
date
Mon, 02 Dec 2024 12:16:55 GMT
content-type
text/html
vary
Accept-Encoding
server
Apache
css2
fonts.googleapis.com/ 		2 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd0a80fb92bb60cf3c28a03ed20fcc0e9f3a77f470e06fd233b28feba1902c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 12:16:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 12:16:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 02 Dec 2024 12:16:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
droidarabicnaskh.css
nmexa.com/grant/jm/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nmexa.com/grant/jm/css/droidarabicnaskh.css
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
703
content-encoding
br
date
Mon, 02 Dec 2024 12:16:55 GMT
content-type
text/html
vary
Accept-Encoding
server
Apache
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ 		1 KB
383 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 12:16:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 12:16:55 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
header.png
nmexa.com/grant/jm/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/header.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
59997a400976a197241ddaad0c3d6ca15080c95152f57abbc5f66a1228272b0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
35285
etag
"32e066f-89d5-61ec5c245aa40"
date
Mon, 02 Dec 2024 12:16:55 GMT
last-modified
Sat, 03 Aug 2024 11:29:37 GMT
content-type
image/png
server
Apache
main.png
nmexa.com/grant/jm/images/ 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/main.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
ab104b1f4a2288cd6bd05f9a154f701c6b0f0385e45362982876c9b9a8f6ef9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
311390
etag
"32e066c-4c05e-61d2a41eac200"
date
Mon, 02 Dec 2024 12:16:55 GMT
last-modified
Sun, 14 Jul 2024 00:33:12 GMT
content-type
image/png
server
Apache
money.png
nmexa.com/grant/jm/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/money.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
12fd6847f68be760d13b6bb5714f83fe1278e2e205fc47311b078a4448bd82bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
30756
etag
"32e065d-7824-61d2aef024800"
date
Mon, 02 Dec 2024 12:16:55 GMT
last-modified
Sun, 14 Jul 2024 01:21:36 GMT
content-type
image/png
server
Apache
/
www.facebook.com/reaction/image/1635855486666999/ 		815 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/1635855486666999/?size=20&scale=1
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 05:08:28 +0000
date
Thu, 28 Nov 2024 05:08:28 GMT
content-type
image/png
x-fb-debug
hSjrR8Eh87k2S72Q7s+S40Ti3K7TFuiiFclRxTRueP6ci3QwRQYIFjUee2tJtuUOeAiKGLvQhgU6/DoUNNySMg==
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
815
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/reaction/image/1678524932434102/ 		816 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/1678524932434102/?size=20&scale=1
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 02:32:46 +0000
date
Thu, 28 Nov 2024 02:32:46 GMT
content-type
image/png
x-fb-debug
M3Wr4Kt230iME4aMQBABTuDblDh/a7cpxiXXBMflNmn+84UoHV0U6HAYPa9y7BodgG5b8885njtWUmn/Ei+7cw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
816
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/reaction/image/613557422527858/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/613557422527858/?size=20&scale=1
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 00:27:53 +0000
date
Sun, 01 Dec 2024 00:27:53 GMT
content-type
image/png
x-fb-debug
FCBUKxrtuXZSmi7Y6Rh6L1Rvwyk75pNp7LeD7IHgOHhc2j1im7cHYZssAjJz4gbfpzE9WqsbbfB1OfV9esWf4A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
1179
x-xss-protection
0
origin-agent-cluster
?1
1.png
nmexa.com/grant/jm/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/1.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
aa2b61dcf26b23b04a6a4d308299a373352a98fb0f83850c07f2759a4cb19e6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
4830
etag
"32e066e-12de-61bfad36a58c0"
date
Mon, 02 Dec 2024 12:16:55 GMT
last-modified
Fri, 28 Jun 2024 22:32:43 GMT
content-type
image/png
server
Apache
4.png
nmexa.com/grant/jm/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/4.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
386ae9b204926959de0ea9772b9d8de4d9f7b1a7a73c38fb9fa798d30c9d8699

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
7164
etag
"32e0662-1bfc-61bfad36a58c0"
date
Mon, 02 Dec 2024 12:16:55 GMT
last-modified
Fri, 28 Jun 2024 22:32:43 GMT
content-type
image/png
server
Apache
2.png
nmexa.com/grant/jm/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/2.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
9b0bf61bff05240c10019686f49282a0d196b2cbfc262adf3e0cc8c5f740d79a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
4396
etag
"32e0660-112c-61bfad36a58c0"
date
Mon, 02 Dec 2024 12:17:19 GMT
last-modified
Fri, 28 Jun 2024 22:32:43 GMT
content-type
image/png
server
Apache
3.png
nmexa.com/grant/jm/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmexa.com/grant/jm/images/3.png
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
cc37bf577310ba6b68febe8ab3fc8344872ee66ed62a25fa1cb4a42d1d4f2dbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
3462
etag
"32e0668-d86-61bfad36a58c0"
date
Mon, 02 Dec 2024 12:17:19 GMT
last-modified
Fri, 28 Jun 2024 22:32:43 GMT
content-type
image/png
server
Apache
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1762a"
age
3046398
x-cache
HIT, HIT
date
Mon, 02 Dec 2024 12:16:56 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
71, 120773
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21983-LGA, cache-fra-etou8220059-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733141816.249895,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
33202
server
nginx
small.js
widgets.amung.us/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.amung.us/small.js
Requested by
Host: nmexa.com
URL: https://nmexa.com/grant/jm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"63c0412c-2170"
age
1376
cf-ray
8ebb403d1ba265bd-FRA
expires
Tue, 03 Dec 2024 11:53:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 12:16:55 GMT
content-type
application/x-javascript
last-modified
Thu, 12 Jan 2023 17:19:40 GMT
vary
Accept-Encoding
server
cloudflare
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nmexa.com
Referer
https://fonts.googleapis.com/

Response headers

age
340129
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:48:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:48:06 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nmexa.com
Referer
https://fonts.googleapis.com/

Response headers

content-encoding
gzip
age
545957
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 04:37:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 04:37:38 GMT
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
41271
x-xss-protection
0
server
sffe
/
whos.amung.us/pingjs/ 		26 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=soldne&t=RASEDCOM&c=s&x=https%3A%2F%2Fnmexa.com%2Fgrant%2Fjm%2F%23&y=&a=-1&d=4.591&v=27&r=4834
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff7356f1d3f8fbccd256bbba00cab76190e9cb27a1aca409d66a183aad4a781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/

Response headers

cf-ray
8ebb4045cc9bd35c-FRA
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
cf-cache-status
DYNAMIC
date
Mon, 02 Dec 2024 12:16:57 GMT
content-type
text/javascript;charset=UTF-8
server
cloudflare
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
favicon.ico
nmexa.com/ 		2 KB
757 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nmexa.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
127.236.12.198.host.secureserver.net
Software
Apache /
Resource Hash
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nmexa.com/grant/jm/

Response headers

accept-ranges
bytes
content-length
703
content-encoding
br
date
Mon, 02 Dec 2024 12:17:23 GMT
content-type
text/html
vary
Accept-Encoding
server
Apache

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| errorname string| errornumber string| text string| error string| cpa string| saved string| share number| likes number| comments number| shares function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1

1 Cookies

Domain/Path Name / Value
.tinyurl.com/ Name: __cf_bm
Value: XhTQR2aVcMo5fXlmJ.bRX2bNq8bvWXuUKR3UieYuLN8-1733141812-1.0.1.1-T79i16jPo86Wm006MwmiVXEJQbjKpeuoQDvYvNoilUAZWZkoeV5ZQ4ZFvRXpir57gJEvbtz8983usGn0DCL3OQ

3 Console Messages

Source Level URL
Text
network error URL: https://nmexa.com/grant/jm/css/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nmexa.com/grant/jm/css/droidarabicnaskh.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nmexa.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
nmexa.com
tinyurl.com
whos.amung.us
widgets.amung.us
www.facebook.com
104.17.112.233
151.101.194.137
157.240.253.35
172.217.18.3
172.67.8.141
198.12.236.127
2606:4700:10::ac43:88d
2a00:1450:4001:813::200a
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
12fd6847f68be760d13b6bb5714f83fe1278e2e205fc47311b078a4448bd82bb
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
386ae9b204926959de0ea9772b9d8de4d9f7b1a7a73c38fb9fa798d30c9d8699
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
59997a400976a197241ddaad0c3d6ca15080c95152f57abbc5f66a1228272b0d
6668ca4a2beb812199c681864c46108e5c1fe3ab0ace21ae9f8502d9ea4a3413
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b0bf61bff05240c10019686f49282a0d196b2cbfc262adf3e0cc8c5f740d79a
aa2b61dcf26b23b04a6a4d308299a373352a98fb0f83850c07f2759a4cb19e6c
ab104b1f4a2288cd6bd05f9a154f701c6b0f0385e45362982876c9b9a8f6ef9d
cc37bf577310ba6b68febe8ab3fc8344872ee66ed62a25fa1cb4a42d1d4f2dbc
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
dff7356f1d3f8fbccd256bbba00cab76190e9cb27a1aca409d66a183aad4a781
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fd0a80fb92bb60cf3c28a03ed20fcc0e9f3a77f470e06fd233b28feba1902c57