nmexa.com Open in urlscan Pro
198.12.236.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/rased-libye
Effective URL:
http://nmexa.com/ly/
Submission: On February 21 via manual (February 21st 2024, 9:46:59 am UTC) from LY — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 198.12.236.127, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is nmexa.com.

This is the only time nmexa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	198.12.236.127 198.12.236.127	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	9

1 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 198.12.236.127 (Ashburn, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 127.236.12.198.host.secureserver.net

nmexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nmexa.com 1 redirects nmexa.com	452 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 29387 whos.amung.us — Cisco Umbrella Rank: 14172	4 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 940	65 KB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 170307	696 B
1	gstatic.com fonts.gstatic.com	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	898 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17725	803 B
23	8

	Domain	Requested by
14	nmexa.com	1 redirects nmexa.com
3	www.facebook.com	nmexa.com
2	code.jquery.com	nmexa.com
1	userstatics.com	nmexa.com
1	whos.amung.us	widgets.amung.us
1	fonts.gstatic.com	fonts.googleapis.com
1	widgets.amung.us	nmexa.com
1	fonts.googleapis.com	nmexa.com
1	tinyurl.com	1 redirects
23	9

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
userstatics.com E1	`2024-01-29` - `2024-04-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://nmexa.com/ly/
Frame ID: E0EEE13D329A8B7B83CCC1D4D8A623F7
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RASEDCOM

Page URL History Show full URLs

https://tinyurl.com/rased-libye HTTP 301
http://nmexa.com/ly HTTP 301
http://nmexa.com/ly/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

35 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

538 kB
Transfer

756 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/rased-libye HTTP 301
http://nmexa.com/ly HTTP 301
http://nmexa.com/ly/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nmexa.com/ly/
Redirect Chain

https://tinyurl.com/rased-libye
http://nmexa.com/ly
http://nmexa.com/ly/

19 KB
5 KB

151ms
150ms

Document
text/html

198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 8839c1dfccb615dbf7f5248261ce4af55b4ac543bf8e2716a774dfa86089bb15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5051
Content-Type: text/html
Date: Wed, 21 Feb 2024 09:46:54 GMT
ETag: "3641038-4cac-611b864ea5f40-gzip"
Keep-Alive: timeout=5
Last-Modified: Mon, 19 Feb 2024 09:05:25 GMT
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Feb 2024 09:46:54 GMT
Keep-Alive: timeout=5
Location: http://nmexa.com/ly/
Server: Apache

GET
H/1.1 200
OK font-awesome.min.css
nmexa.com/ly/css/ 30 KB
7 KB 151ms
151ms Stylesheet
text/css 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/css/font-awesome.min.css
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 7794957586447e251b87cc7e1281c284bd5f342908f09864f4ee9a7292966faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3701473-78f2-610b66f05b040-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 7055

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
898 B 40ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Requested by

Host: nmexa.com
URL: http://nmexa.com/ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af784c1cfb0603b97d3a02ab87ab1c8f43228efc2b0f87995c080ef1dbfb5b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 09:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 09:46:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 09:46:54 GMT

GET
H/1.1 200
OK droidarabicnaskh.css
nmexa.com/ly/css/ 875 B
609 B 297ms
149ms Stylesheet
text/css 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/css/droidarabicnaskh.css
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: ae35330c7f3ef6ce93a11057475dfa88512ec8f7140a3a4316ef05bd98289585

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3701474-36b-610b66f05b040-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 264

GET
H/1.1 200
OK header.png
nmexa.com/ly/images/ 3 KB
3 KB 299ms
150ms Image
image/png 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/header.png
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: dfbb7e5a6a4f6220935455b73ef568606ca0bff2243ddca15350bcdf5645f271

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Tue, 06 Feb 2024 18:08:40 GMT
Server: Apache
ETag: "370146f-ba2-610ba77caba00"
Upgrade: h2,h2c
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2978

GET
H/1.1 200
OK flag.png
nmexa.com/ly/images/ 89 KB
89 KB 303ms
152ms Image
image/png 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/flag.png
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: b5377cd44ea3f25f303329e27499529becb5b39af06e186135b8794b747bef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Fri, 16 Feb 2024 16:44:05 GMT
Server: Apache
ETag: "370003e-163a5-6118273b61f40"
Upgrade: h2,h2c
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 91045

GET
H/1.1 200
OK main.png
nmexa.com/ly/images/ 10 KB
10 KB 284ms
150ms Image
image/png 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/main.png
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 882c77b0aefdaa989069222a0db0f9eba23ce13728b5ad88bf2b7a10aac8aeae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Fri, 16 Feb 2024 16:47:15 GMT
Server: Apache
ETag: "370146d-28bd-611827f094ac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 10429

GET
H2 200 /
www.facebook.com/reaction/image/1635855486666999/ 815 B
4 KB 25ms
8ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/reaction/image/1635855486666999/?size=20&scale=1

Requested by

Host: nmexa.com
URL: http://nmexa.com/ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=();report-to="permissions_policy"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 02:59:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
content-length: 815
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 3+g5OvjtG0yW3MOYYEHqWi2db9arm5OHlkdtv40GVVnkma4900T97/hZvFc9+QAfP/+FLIiLV6zVF38JzuCq3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
cache-control: public, max-age=1209600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Wed, 06 Mar 2024 02:59:36 +0000

GET
H2 200 /
www.facebook.com/reaction/image/1678524932434102/ 816 B
1 KB 26ms
9ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/reaction/image/1678524932434102/?size=20&scale=1

Requested by

Host: nmexa.com
URL: http://nmexa.com/ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=();report-to="permissions_policy"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 17:39:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
content-length: 816
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: moIhrROMrk+/Fkuz2GW/a4szSP3v8J8TbSqBlgPQNesECeb4oiFDvmpkw9OQyZpu/e1zyoCEPi3etmeV7bfzIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
cache-control: public, max-age=1209600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Wed, 28 Feb 2024 17:39:47 +0000

GET
H2 200 /
www.facebook.com/reaction/image/613557422527858/ 1 KB
1 KB 25ms
9ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/reaction/image/613557422527858/?size=20&scale=1

Requested by

Host: nmexa.com
URL: http://nmexa.com/ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=();report-to="permissions_policy"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 02:59:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
content-length: 1179
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: RRXdqeNrPw24zNthVuaGgVEhBzGXZ71r2T8KtH+QygT8S9jscwuMv+A8B9n+Hiw90xonux4nJ2fZSuywogsIrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
cache-control: public, max-age=1209600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Wed, 06 Mar 2024 02:59:36 +0000

GET
H/1.1 200
OK 7PWScYK.jpg
nmexa.com/ly/images/ 6 KB
7 KB 167ms
150ms Image
image/jpeg 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/7PWScYK.jpg
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 4b6bb55159db46c2298f62204067e699aa774e3a5843ecabf9d274acd6c735b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3700041-1927-610b66f05b040"
Upgrade: h2,h2c
Content-Type: image/jpeg
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 6439

GET
H/1.1 200
OK LTaIyr5.jpg
nmexa.com/ly/images/ 50 KB
51 KB 149ms
149ms Image
image/jpeg 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/LTaIyr5.jpg
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 3f967a2a983a9f507e19f92ae95ef1fcda4f9aedc319e92ae00a3cc2c66b81dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3700070-c9a3-610b66f05b040"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 51619

GET
H/1.1 200
OK rQ9Nu6H.jpg
nmexa.com/ly/images/ 40 KB
41 KB 150ms
150ms Image
image/jpeg 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/rQ9Nu6H.jpg
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: b1458c65710ff945274e466cd8654d8ce7c3340761a2fca36a8e5f3eff1738b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3700043-a113-610b66f05b040"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 41235

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 39ms
7ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 09:46:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 607585
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-fra-etou8220031-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708508815.553272,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 28045

GET
H/1.1 200
OK jquery-latest.min.js Show response
nmexa.com/ly/js/ 94 KB
33 KB 303ms
155ms Script
text/javascript 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/js/jquery-latest.min.js
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 6c90c370760905e048b2148921404d3f4ca684bcd0da83dbe06d155d2fd9698b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3701471-177f8-610b66f05b040-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 33499

GET
H/1.1 200
OK small.js Show response
widgets.amung.us/ 8 KB
4 KB 42ms
24ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.amung.us/small.js
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
content-encoding: gzip
CF-Cache-Status: HIT
Age: 3039
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
Server: cloudflare
etag: W/"63c04115-2170"
Vary: Accept-Encoding
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 858e109adffd4daf-FRA
expires: Thu, 22 Feb 2024 08:56:15 GMT

GET
H/1.1 200
OK flag.png
nmexa.com/ly/images/ 89 KB
89 KB 150ms
150ms Image
image/png 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nmexa.com/ly/images/flag.png
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: b5377cd44ea3f25f303329e27499529becb5b39af06e186135b8794b747bef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Fri, 16 Feb 2024 16:44:05 GMT
Server: Apache
ETag: "370003e-163a5-6118273b61f40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 91045

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nmexa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:51:59 GMT
x-content-type-options: nosniff
age: 21295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 03:51:59 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
nmexa.com/ly/fonts/ 75 KB
76 KB 164ms
150ms Font
font/woff2 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/fonts/fontawesome-webfont.woff2
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://nmexa.com/ly/css/font-awesome.min.css
Origin: http://nmexa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:54 GMT
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3641032-12d68-610b66f05b040"
Vary: Accept-Encoding
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 77160

GET
H/1.1 200
OK DroidNaskh-Bold.woff2
nmexa.com/ly/fonts/ 40 KB
41 KB 396ms
230ms Font
font/woff2 198.12.236.127
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://nmexa.com/ly/fonts/DroidNaskh-Bold.woff2
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/css/droidarabicnaskh.css
Protocol: HTTP/1.1
Server: 198.12.236.127 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 127.236.12.198.host.secureserver.net
Software: Apache /
Resource Hash: 0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6

Request headers

Referer: http://nmexa.com/ly/css/droidarabicnaskh.css
Origin: http://nmexa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:55 GMT
Last-Modified: Tue, 06 Feb 2024 13:19:53 GMT
Server: Apache
ETag: "3640f3f-a124-610b66f05b040"
Vary: Accept-Encoding
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 41252

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 6ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 09:46:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 607585
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-fra-etou8220031-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708508815.984025,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 28046

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 25 B
339 B 361ms
336ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=aidly&t=RASEDCOM&c=s&x=http%3A%2F%2Fnmexa.com%2Fly%2F%23&y=&a=-1&d=1.249&v=27&r=845
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db34bca78fbe682a69b04f79e4d04b93b77c46670fcd247597ff0584ea7febd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 09:46:55 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 858e109ecb8530f6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 script.js Show response
userstatics.com/get/ 133 B
696 B 78ms
37ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=http://nmexa.com/ly/
Requested by: Host: nmexa.com
URL: http://nmexa.com/ly/js/jquery-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmexa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 09:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: http://nmexa.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5leTnxvvKscxEC03UZA5%2FNAOnf9T2uruX0uGqDtfsbDPhVIuZ2dI9hvGL0CrC8ox0ULFF5%2BOCEEKYj%2F4uotvTJhfWappSpQVdNO4CtX10hgYnwm8qw7D%2BZU4nbpgz5A5Do%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 858e10a4291ab8f1-AMS
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nmexa.com/ly	1970-01-20 18:35:48	Name: PHPREFS Value: full
			.tinyurl.com/	1970-01-20 18:35:10	Name: __cf_bm Value: bEfnxfxj6_W12j1m__OnO86JJ1K8jDjjDIyfyfiANok-1708508814-1.0-AQavq7pjKRg3aZzPUZ7JYGDlR9SnPKOiiZoBg5oF+N7evCvChfkaFSXsOvD/HaOO71yYobQn6a1HWdvkxJ06ImM=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
nmexa.com
tinyurl.com
userstatics.com
whos.amung.us
widgets.amung.us
www.facebook.com
188.114.96.3
198.12.236.127
2606:4700:10::6816:4aab
2606:4700:10::6816:4bab
2606:4700:10::ac43:1e1
2a00:1450:4001:812::200a
2a00:1450:4001:830::2003
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
3f967a2a983a9f507e19f92ae95ef1fcda4f9aedc319e92ae00a3cc2c66b81dc
4b6bb55159db46c2298f62204067e699aa774e3a5843ecabf9d274acd6c735b1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6c90c370760905e048b2148921404d3f4ca684bcd0da83dbe06d155d2fd9698b
7794957586447e251b87cc7e1281c284bd5f342908f09864f4ee9a7292966faa
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
882c77b0aefdaa989069222a0db0f9eba23ce13728b5ad88bf2b7a10aac8aeae
8839c1dfccb615dbf7f5248261ce4af55b4ac543bf8e2716a774dfa86089bb15
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
ae35330c7f3ef6ce93a11057475dfa88512ec8f7140a3a4316ef05bd98289585
af784c1cfb0603b97d3a02ab87ab1c8f43228efc2b0f87995c080ef1dbfb5b3c
b1458c65710ff945274e466cd8654d8ce7c3340761a2fca36a8e5f3eff1738b7
b5377cd44ea3f25f303329e27499529becb5b39af06e186135b8794b747bef29
db34bca78fbe682a69b04f79e4d04b93b77c46670fcd247597ff0584ea7febd5
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
dfbb7e5a6a4f6220935455b73ef568606ca0bff2243ddca15350bcdf5645f271
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

nmexa.com Open in urlscan Pro 198.12.236.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

35 %HTTPS

78 %IPv6

8 Domains

9 Subdomains

9 IPs

3 Countries

538 kBTransfer

756 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

2 Cookies

Indicators

nmexa.com Open in urlscan Pro
198.12.236.127 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

35 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

538 kB
Transfer

756 kB
Size

2
Cookies

23 HTTP transactions
1 data transactions