2.nmsau.com Open in urlscan Pro
92.103.221.132  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request irrff5gdn4z5vq2iio.htm Show response 2.nmsau.com/	29 KB 6 KB	89ms 64ms	Document text/html	92.103.221.132 AS-COMPLETEL
General Check archive.org Show headers Download Go to Full URL http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Server 92.103.221.132 Le Chesnay, France, ASN12670 (AS-COMPLETEL, FR), Reverse DNS 2.nmsau.com Software nginx / Resource Hash 3ac5642bf909ed0b9dc44d5e36281f0b083e39819c900142e7a67b53d17e7ea6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers Server nginx Date Fri, 25 Mar 2022 10:09:28 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Last-Modified Fri, 25 Mar 2022 10:09:28 +0000 Content-Encoding gzip
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	5 KB 5 KB	106ms 21ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=1FFFB5EA-9994-4077-BCDC-BDBD0F1814C6 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash b9f3b51de491e7e50eb5d10c7ce5e13a4ac23bc0dd0a164db055bd00213ef63c Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 12:10:00 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="LOGO_CASDEN.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 4777 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	182 KB 182 KB	165ms 60ms	Image image/jpeg	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=B8EEBCA9-1850-41EB-B056-BC3B2AD787FB Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 6f667f676321401ab3b8f121069736a65d2e11de289417213b9c0825827742fb Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:31:46 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/jpeg Content-Disposition inline;filename="BANNER-MAIL.JPG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 186066 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	73 KB 73 KB	152ms 46ms	Image image/jpeg	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=0864B0A6-16BC-4696-997C-4D0EE5A69828 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 33445f98c5efb037f5379ec52bbd606fb19cc4c485225be074d098d556b66312 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:31:46 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/jpeg Content-Disposition inline;filename="BANNER-RESPONSIVE.JPG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 74489 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	180 B 724 B	184ms 57ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=24ABF00F-99BF-4B7C-88A3-D7C5E432CBEC Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 7013d7abf118f7e8ade14e0f6e0d7ab8ac310df3a45a68fd38ce8080cfddadf7 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 12:10:00 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="CHEVRON-RIGHT.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 180 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	405 B 944 B	217ms 70ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=369407AA-D726-4D3B-838A-B74B455A7E2F Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash aed1d22ec4c31862bf2122326b7b7eb8303e14c084ee443c5f19f07f08a212ad Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 12:10:00 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="DOCUMENT.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 405 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	5 KB 6 KB	223ms 41ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=CD50780F-AD06-45DE-A3FC-C607A996DC10 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 4fa8464ccd862f01c40095cd71ef4eefd9463f8f6e9395eee5bbd47f83fdd378 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 13:42:39 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="PHONE.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 5238 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	2 KB 2 KB	118ms 39ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=D46EB641-53BD-4765-9FF3-02BD1A65F129 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 5d1beaad628f1d95919ec22690fe4a29c6338ac99c90770e19b8d24d354ab516 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:47:48 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="WEB.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 1678 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	2 KB 2 KB	40ms 34ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=46B45BF5-E292-43CA-A6FC-982520E37D78 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 0acc85c7f084cd63c36fe48fd8608db33db8aa05efe26c83af47c3feae6ded77 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:29:36 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="MAIL.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 1814 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	796 B 1 KB	46ms 19ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=A7487D49-2D80-4AA0-99D6-E24C7A15C1DB Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 31e823557b667fc2ff95824360bf385fce31c2b7f590649d17e3a5545bba5a4d Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:29:36 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="FACEBOOK.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 796 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	2 KB 2 KB	18ms 18ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=FEADF745-E14F-45E2-BD13-26064C3366B0 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash f7fa931fa3bd8ad974f4e7b2c7dbfb015aa24d9fdf44622fc8066619a294df9a Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:29:36 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="INSTAGRAM.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 1704 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	940 B 1 KB	20ms 19ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=9D8BB6F6-8595-457E-8407-69D3311C0DC1 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 65c8b9f17dcee7df8e05896f97515d5d8c51e3cf61d7630c13e497e18bca1408 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:29:36 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="LINKEDIN.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 940 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	1 KB 2 KB	19ms 19ms	Image application/octet-stream	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=47613314-E901-4114-BE6F-BFBB2FE25739 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 80f3e6c823ffb12696305cc704cd62930af5bd19ba8ea055f2eafd68ca5e88e9 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:28:52 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type application/octet-stream Content-Disposition attachment;filename="TWITTER.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 1209 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200	gdcfiles www.jevote.casden.fr/WV/	742 B 1 KB	19ms 19ms	Image image/png	217.115.174.144 INTEGRA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jevote.casden.fr/WV/gdcfiles?id=705882BF-CC1B-440C-B709-BFD3EFC44803 Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.115.174.144 Paris, France, ASN8723 (INTEGRA-AS, FR), Reverse DNS prod985-gedicom-gd1029y.integra.fr Software nginx/1.20.2 / Resource Hash 27436bd7f6191803c69fd805da0552dad1dce52eb8c298ed504c401a53e900d4 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma Date Fri, 25 Mar 2022 10:09:29 GMT X-Content-Type-Options nosniff Expires Fri, 25 Mar 2022 11:20:47 GMT Server nginx/1.20.2 X-Frame-Options DENY Content-Type image/png Content-Disposition inline;filename="YOUTUBE.PNG" Cache-Control public, max-age=14400, immutable Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; img-src 'self' data: blob:; Connection keep-alive Accept-Ranges bytes Content-Length 742 X-XSS-Protection 1; mode=block X-Proxy-Cache HIT
GET H/1.1	200 OK	uydvwxuiextrsxfsuj.gif 2.nmsau.com/	43 B 253 B	52ms 52ms	Image image/gif	92.103.221.132 AS-COMPLETEL
General Check archive.org Show headers Download Go to Show image Full URL http://2.nmsau.com/uydvwxuiextrsxfsuj.gif Requested by Host: 2.nmsau.com URL: http://2.nmsau.com/irrff5gdn4z5vq2iio.htm Protocol HTTP/1.1 Server 92.103.221.132 Le Chesnay, France, ASN12670 (AS-COMPLETEL, FR), Reverse DNS 2.nmsau.com Software nginx / Resource Hash bf9966cef9a28e7cd85d6b081feef12f5721cb4241821f92eee2dc4a72d3ed03 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://2.nmsau.com/irrff5gdn4z5vq2iio.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 25 Mar 2022 10:09:29 GMT Last-Modified Fri, 25 Mar 2022 10:09:29 +0000 Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 43 Content-Type image/gif

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.nmsau.com
www.jevote.casden.fr
217.115.174.144
92.103.221.132
0acc85c7f084cd63c36fe48fd8608db33db8aa05efe26c83af47c3feae6ded77
27436bd7f6191803c69fd805da0552dad1dce52eb8c298ed504c401a53e900d4
31e823557b667fc2ff95824360bf385fce31c2b7f590649d17e3a5545bba5a4d
33445f98c5efb037f5379ec52bbd606fb19cc4c485225be074d098d556b66312
3ac5642bf909ed0b9dc44d5e36281f0b083e39819c900142e7a67b53d17e7ea6
4fa8464ccd862f01c40095cd71ef4eefd9463f8f6e9395eee5bbd47f83fdd378
5d1beaad628f1d95919ec22690fe4a29c6338ac99c90770e19b8d24d354ab516
65c8b9f17dcee7df8e05896f97515d5d8c51e3cf61d7630c13e497e18bca1408
6f667f676321401ab3b8f121069736a65d2e11de289417213b9c0825827742fb
7013d7abf118f7e8ade14e0f6e0d7ab8ac310df3a45a68fd38ce8080cfddadf7
80f3e6c823ffb12696305cc704cd62930af5bd19ba8ea055f2eafd68ca5e88e9
aed1d22ec4c31862bf2122326b7b7eb8303e14c084ee443c5f19f07f08a212ad
b9f3b51de491e7e50eb5d10c7ce5e13a4ac23bc0dd0a164db055bd00213ef63c
bf9966cef9a28e7cd85d6b081feef12f5721cb4241821f92eee2dc4a72d3ed03
f7fa931fa3bd8ad974f4e7b2c7dbfb015aa24d9fdf44622fc8066619a294df9a