www.nomsdefantasy.com Open in urlscan Pro
2a01:7e00:e000:27a::1201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nomsdefantasy.com/
Submission: On April 30 via api (April 30th 2024, 11:09:36 am UTC) from CZ — Scanned from GB

Summary HTTP 33 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2a01:7e00:e000:27a::1201, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.nomsdefantasy.com.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.nomsdefantasy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a01:7e00:e00... 2a01:7e00:e000:27a::1201	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
33	12

8 2a01:7e00:e000:27a::1201 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.nomsdefantasy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	nomsdefantasy.com www.nomsdefantasy.com	11 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	264 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1306 syndication.twitter.com — Cisco Umbrella Rank: 1673	31 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	91 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	92 KB
1	reddit.com www.reddit.com — Cisco Umbrella Rank: 2677	1 KB
33	10

	Domain	Requested by
8	www.nomsdefantasy.com	www.nomsdefantasy.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	platform.twitter.com	www.nomsdefantasy.com platform.twitter.com
4	pagead2.googlesyndication.com	www.nomsdefantasy.com pagead2.googlesyndication.com
3	www.google-analytics.com	www.nomsdefantasy.com www.google-analytics.com www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	www.nomsdefantasy.com connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	syndication.twitter.com	www.nomsdefantasy.com
1	www.googletagmanager.com	www.google-analytics.com
1	www.reddit.com	www.nomsdefantasy.com
33	12

This site contains links to these domains. Also see Links.

Domain
www.reddit.com
www.dehumanizer.com
tools.dehumanizer.com
www.fantasynamegen.com
www.nomesdefantasia.com
www.nombresdefantasia.com
www.nomidifantasy.com
de.fantasynamegen.com
blog.fantasynamegen.com

Subject Issuer	Validity	Valid
www.nomsdefantasy.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-07`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
syndication.twitter.com R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.nomsdefantasy.com/
Frame ID: 638E20181C80F8636354BDBA57FF772A
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomsdefantasy.com
Frame ID: BC3621364954721B83911234B5AF015F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: 260597FCD86A6ADE950E8B35D8F51E37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1714475372&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371901&bpp=4&bdt=309&idt=189&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3313836659317&frm=20&pv=2&ga_vid=1025692676.1714475372&ga_sid=1714475372&ga_hid=512690031&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329016%2C95329832%2C31082606%2C95331043%2C95331556%2C95331687&oid=2&pvsid=3407166069910314&tmod=1287710929&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: 644C262A5AE80DDE128D9F3279A035DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1714475372&format=160x600&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371905&bpp=2&bdt=312&idt=233&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3313836659317&frm=20&pv=1&ga_vid=1025692676.1714475372&ga_sid=1714475372&ga_hid=512690031&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329016%2C95329832%2C31082606%2C95331043%2C95331556%2C95331687&oid=2&pvsid=3407166069910314&tmod=1287710929&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: E06CAF90ADF91C7330518C6CD482E6F3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
Frame ID: 7D73A9B8A3A65E3776F7487C16198CC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: E1260BDFC152280133CF682AF88E6DFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: D5E89F5B7631B8983BA6255E908C57C9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17023c6d8d68cf14%26domain%3Dwww.nomsdefantasy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomsdefantasy.com%252Ff9db8ac644df4bd1e%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomsdefantasy.com%2F&layout=standard&locale=fr_FR&sdk=joey&share=true&show_faces=true
Frame ID: 585C003A4EEB7352232B58DE3871081B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF64E8F1B24DA010D4287C137F540B44
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950D8F72B6ECD037E63938FA167F722B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Générateur de Noms de Fantasy

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

33
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

511 kB
Transfer

1482 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reddit.com/submit

Search URL Search Domain Scan URL

URL: https://www.dehumanizer.com/
Title: Dehumanizer.com

Search URL Search Domain Scan URL

URL: https://tools.dehumanizer.com/
Title: Autres outils

Search URL Search Domain Scan URL

URL: https://www.fantasynamegen.com/
Title: English version

Search URL Search Domain Scan URL

URL: https://www.nomesdefantasia.com/
Title: Versão em português

Search URL Search Domain Scan URL

URL: https://www.nombresdefantasia.com/
Title: Versión española

Search URL Search Domain Scan URL

URL: https://www.nomidifantasy.com/
Title: Versione italiana

Search URL Search Domain Scan URL

URL: https://de.fantasynamegen.com/
Title: Deutsche Version

Search URL Search Domain Scan URL

URL: https://blog.fantasynamegen.com/
Title: Blog (anglais)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nomsdefantasy.com/ 9 KB
3 KB 267ms
32ms Document
text/html 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

1df3392333828993f86b5ea46eeb8dcc2b8a2a9354cec74316a604093b04d122

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 11:09:31 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.24.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 style.css
www.nomsdefantasy.com/ 3 KB
2 KB 45ms
44ms Stylesheet
text/css 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nomsdefantasy.com/style.css

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Sep 2016 10:54:46 GMT
server: nginx/1.24.0 (Ubuntu)
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
etag: W/"57d7daf6-c86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
x-xss-protection: 0
expires: Wed, 01 May 2024 11:09:31 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 251ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b6512507ed7fe1da20e85d2d36045595894430b5de3db2696705c68bdaa0e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51317
x-xss-protection: 0
server: cafe
etag: 13465960717281166232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 30 Apr 2024 11:09:31 GMT

GET
H2 200 spreddit7.gif
www.reddit.com/static/ 688 B
1 KB 149ms
29ms Image
image/gif 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reddit.com/static/spreddit7.gif

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Mon, 14 Nov 2011 00:48:52 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag: "02cf565e58da222df50a42ee0ec9ee56"
x-frame-options: SAMEORIGIN
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 688
x-xss-protection: 1; mode=block

GET
H2 200 uk.png
www.nomsdefantasy.com/images/ 284 B
1 KB 45ms
45ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomsdefantasy.com/images/uk.png

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 284
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jul 2013 00:22:16 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51d611b8-11c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 07 May 2024 11:09:31 GMT

GET
H2 200 pt.png
www.nomsdefantasy.com/images/ 249 B
1 KB 27ms
27ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomsdefantasy.com/images/pt.png

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

e5c09580f2f8d66470db742fea915e2c387ac25aeb2aea55f491c84af65614af

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 249
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jul 2013 00:22:16 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51d611b8-f9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 07 May 2024 11:09:31 GMT

GET
H2 200 es.png
www.nomsdefantasy.com/images/ 231 B
1 KB 29ms
29ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomsdefantasy.com/images/es.png

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 231
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jul 2013 00:22:16 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51d611b8-e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 07 May 2024 11:09:31 GMT

GET
H2 200 it.png
www.nomsdefantasy.com/images/ 191 B
996 B 30ms
29ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomsdefantasy.com/images/it.png

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 191
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jun 2018 12:58:38 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "5b362cfe-bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 07 May 2024 11:09:31 GMT

GET
H2 200 de.png
www.nomsdefantasy.com/images/ 88 B
892 B 30ms
30ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomsdefantasy.com/images/de.png

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 88
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 11 Oct 2020 14:11:19 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "5f831287-58"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 07 May 2024 11:09:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
4 KB 211ms
60ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23e6183d5364d174097bdb101eba320f0d3dc7da2948cf6d2f3fe1e76b75180f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 11:09:31 GMT
content-md5: v+GHl4MTsKMkybuLeRhWkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=13, mss=1392, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: sQ2TtLoWbmZbvyYKxWHLom7haxSHeWkw0imthw5yFY5vxAFzao+S4gGSvJROdh/zjM3HjowbhePiT5rBlqdVGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f40f9a81bb4eb5f152fa61f466fd145f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ab0cd5f468e0df2b0dbe5bb06bcd3bcc"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 30 Apr 2024 11:11:42 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 266ms
62ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 11:09:31 GMT
Content-Encoding: gzip
Age: 887
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67A8)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 202ms
53ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 10:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3702
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Apr 2024 12:07:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 299 KB
87 KB 480ms
55ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=9a853250a83c46f646a4652de7a51539

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c62d9793e8efb146fd8c99d6d0976e0dd2ca986197d5b854bc6406ea5edcee3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Origin: https://www.nomsdefantasy.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 11:09:32 GMT
content-md5: u2OMLSnCzYKAF+NkrGlfgQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87632
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=15, mss=1392, tbw=2806, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: ngzF+cwVs4YQxBUUlEWYtPyjPjeXFWxLBfTeNQgSHq2cKReO4BMUiEt9Y4woVCAxFeJcjbd1QwwTqerGEEU8Vg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c260441442f7ecc4fc1eb1ac6d85cbe6
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ae00a5b11946f246e4b92145e3cfb276"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 30 Apr 2025 10:36:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 47ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=512690031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nomsdefantasy.com%2F&ul=en-gb&de=UTF-8&dt=G%C3%A9n%C3%A9rateur%20de%20Noms%20de%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=476550960&gjid=1911055845&cid=1025692676.1714475372&tid=UA-151199-42&_gid=343003271.1714475372&_r=1&_slc=1&z=1763103525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

873c1f139231a59c21598d1403b02717fb7af3b376ac4591b113c0f5b082c644

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 11:09:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nomsdefantasy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 411 KB
139 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f12bca5fb30db86ba56d49776ad9c4ef4ad909d3de3edd1f9264d3c0f19d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142321
x-xss-protection: 0
server: cafe
etag: 14520749711800154577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 11:09:31 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame BC36 0
0 226ms
60ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomsdefantasy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3136130
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Apr 2024 11:09:32 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 238ms
91ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KLJPJMQWBG&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0b84fba6945d11a1c8ba9c085f3a8f70182fa326c2e774dd189b371e5c70954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Apr 2024 11:09:32 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/ Frame 2605 0
0 210ms
43ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 38249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 00:32:03 GMT
etag: 5035419970550746386
expires: Tue, 14 May 2024 00:32:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 644C 0
0 1167ms
1019ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1714475372&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371901&bpp=4&bdt=309&idt=189&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3313836659317&frm=20&pv=2&ga_vid=1025692676.1714475372&ga_sid=1714475372&ga_hid=512690031&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329016%2C95329832%2C31082606%2C95331043%2C95331556%2C95331687&oid=2&pvsid=3407166069910314&tmod=1287710929&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89866
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 11:09:32 GMT
expires: Tue, 30 Apr 2024 11:09:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E06C 0
0 1144ms
1015ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1714475372&format=160x600&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371905&bpp=2&bdt=312&idt=233&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3313836659317&frm=20&pv=1&ga_vid=1025692676.1714475372&ga_sid=1714475372&ga_hid=512690031&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329016%2C95329832%2C31082606%2C95331043%2C95331556%2C95331687&oid=2&pvsid=3407166069910314&tmod=1287710929&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 11:09:32 GMT
expires: Tue, 30 Apr 2024 11:09:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 45ms
44ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KLJPJMQWBG&gtm=45je44t0v9135364185za200&_p=1714475371980&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-gb&sr=1600x1200&cid=1025692676.1714475372&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.nomsdefantasy.com%2F&dt=G%C3%A9n%C3%A9rateur%20de%20Noms%20de%20Fantasy&sid=1714475372&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=974
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KLJPJMQWBG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 11:09:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nomsdefantasy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 46ms
45ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 11:09:32 GMT
Content-Encoding: gzip
Age: 3143016
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/67A8)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
platform.twitter.com/widgets/ Frame 7D73 0
0 42ms
41ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3142927
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12690
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Apr 2024 11:09:32 GMT
Etag: "4043f0931bc921cd3fd837417ecfb05d+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
293 B 712ms
595ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.nomsdefantasy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1714475372584%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=851295f88312ed16674229fcd908948da07c8193

Requested by

Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 115
date: Tue, 30 Apr 2024 11:09:32 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 30 Apr 2024 11:09:32 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 9f658177b1427582
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: f808bd687139cbfc9a1a33fb97b6ac4a347947f3db7b3fec240ba5e5d5d39174
content-length: 43

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 167 KB
56 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d1dd8caf56e7aa04594dfb38d6797fe167d92c78d5ef9630f0cd72b9600def6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57513
x-xss-protection: 0
server: cafe
etag: 14120070365905512696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 11:09:33 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/ Frame E126 0
0 0ms
0ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 38249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 00:32:03 GMT
etag: 5035419970550746386
expires: Tue, 14 May 2024 00:32:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/ Frame D5E8 0
0 0ms
0ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 38249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 00:32:03 GMT
etag: 5035419970550746386
expires: Tue, 14 May 2024 00:32:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 549ms
101ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240425&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

143b8f64cd40ff4c92913baefae720659c2df1ac0d3d6327ebd4d6760a620997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12092
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v2.5/plugins/ Frame 585C 0
0 313ms
165ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17023c6d8d68cf14%26domain%3Dwww.nomsdefantasy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomsdefantasy.com%252Ff9db8ac644df4bd1e%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomsdefantasy.com%2F&layout=standard&locale=fr_FR&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=9a853250a83c46f646a4652de7a51539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Tue, 30 Apr 2024 11:09:34 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2776, tp=-1, tpl=-1, uplat=106, ullat=0
x-fb-debug: nIPax0SARn70vXPo5zuJ/mi0UUPT3/A6Qm1bR1b7rMPBsrdQdLRk3irax+YvuZeLsbcfs8CiSY7083SXZEkVfQ==
x-xss-protection: 0

GET
H2 200 favicon.ico
www.nomsdefantasy.com/ 318 B
913 B 28ms
27ms Other
image/x-icon 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nomsdefantasy.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

2557c81602045d4318e656eba0b0604d8f4a37eeac87ba928235fef507c5fb00

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jul 2013 00:22:16 GMT
server: nginx/1.24.0 (Ubuntu)
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
etag: W/"51d611b8-13e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=604800
x-xss-protection: 0
expires: Tue, 07 May 2024 11:09:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 244ms
103ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nomsdefantasy.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 11:09:35 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF64 0
0 38ms
38ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 12386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 07:43:09 GMT
expires: Wed, 30 Apr 2025 07:43:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 950D 0
0 49ms
49ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M2guLzVT-HkQHINB-LBDKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-M2guLzVT-HkQHINB-LBDKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 11:09:35 GMT
expires: Tue, 30 Apr 2024 11:09:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nomsdefantasy.com/	1970-01-21 05:50:35	Name: _ga Value: GA1.2.1025692676.1714475372
.nomsdefantasy.com/	1970-01-20 20:16:01	Name: _gid Value: GA1.2.343003271.1714475372
.nomsdefantasy.com/	1970-01-20 20:14:35	Name: _gat Value: 1
.nomsdefantasy.com/	1970-01-21 05:50:35	Name: _ga_KLJPJMQWBG Value: GS1.2.1714475372.1.0.1714475372.0.0.0
.nomsdefantasy.com/	1970-01-21 05:36:11	Name: __gads Value: ID=661c8dfbc118b055:T=1714475372:RT=1714475372:S=ALNI_MbnfGjqCtjIUS9UWn7JT9JyA9TiDA
.nomsdefantasy.com/	1970-01-21 05:36:11	Name: __gpi Value: UID=00000e0aab4483e3:T=1714475372:RT=1714475372:S=ALNI_MYaz70imrwAWCGHoZLYNSa7pFGBPA
.nomsdefantasy.com/	1970-01-21 00:33:47	Name: __eoi Value: ID=846f466438f5dac9:T=1714475372:RT=1714475372:S=AA-AfjZrMkV7-I1ARGoauDcUK-HU
.doubleclick.net/	1970-01-21 05:50:35	Name: IDE Value: AHWqTUn6C30bBoZ6D9JXF1nGESVjr8YhiLT7YVEmHHyYf0PFR6C3kyvV2DrM-WqRJGU
.doubleclick.net/	1970-01-20 20:14:38	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 22:24:11	Name: ar_debug Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomsdefantasy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.nomsdefantasy.com
www.reddit.com
104.244.42.200
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80b::2004
2a00:1450:4001:81d::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a01:7e00:e000:27a::1201
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::396
143b8f64cd40ff4c92913baefae720659c2df1ac0d3d6327ebd4d6760a620997
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1df3392333828993f86b5ea46eeb8dcc2b8a2a9354cec74316a604093b04d122
23e6183d5364d174097bdb101eba320f0d3dc7da2948cf6d2f3fe1e76b75180f
2557c81602045d4318e656eba0b0604d8f4a37eeac87ba928235fef507c5fb00
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f12bca5fb30db86ba56d49776ad9c4ef4ad909d3de3edd1f9264d3c0f19d20
6b6512507ed7fe1da20e85d2d36045595894430b5de3db2696705c68bdaa0e25
7d1dd8caf56e7aa04594dfb38d6797fe167d92c78d5ef9630f0cd72b9600def6
873c1f139231a59c21598d1403b02717fb7af3b376ac4591b113c0f5b082c644
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
c62d9793e8efb146fd8c99d6d0976e0dd2ca986197d5b854bc6406ea5edcee3f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c09580f2f8d66470db742fea915e2c387ac25aeb2aea55f491c84af65614af
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c
f0b84fba6945d11a1c8ba9c085f3a8f70182fa326c2e774dd189b371e5c70954

www.nomsdefantasy.com Open in urlscan Pro 2a01:7e00:e000:27a::1201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

92 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

511 kBTransfer

1482 kBSize

10 Cookies

9 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nomsdefantasy.com Open in urlscan Pro
2a01:7e00:e000:27a::1201 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

511 kB
Transfer

1482 kB
Size

10
Cookies

33 HTTP transactions
0 data transactions