urlscan.io logo urlscan.io
SecurityTrails logo

www.nomsdefantasy.com Open in urlscan Pro
2a01:7e00:e000:27a::1201  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nomsdefantasy.com/
Submission: On April 30 via api from CZ — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2a01:7e00:e000:27a::1201, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.nomsdefantasy.com.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time www.nomsdefantasy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2a01:7e00:e000:27a::1201 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
www.nomsdefantasy.com
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
pagead2.googlesyndication.com
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.reddit.com
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
208 KB
8 nomsdefantasy.com
www.nomsdefantasy.com
11 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1306
syndication.twitter.com — Cisco Umbrella Rank: 1673
31 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
92 KB
1 reddit.com
www.reddit.com — Cisco Umbrella Rank: 2677
1 KB
30 8
Domain Requested by
8 www.nomsdefantasy.com www.nomsdefantasy.com
6 pagead2.googlesyndication.com www.nomsdefantasy.com
pagead2.googlesyndication.com
4 platform.twitter.com www.nomsdefantasy.com
platform.twitter.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.nomsdefantasy.com
www.google-analytics.com
2 connect.facebook.net www.nomsdefantasy.com
connect.facebook.net
1 syndication.twitter.com
1 www.facebook.com connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 www.reddit.com www.nomsdefantasy.com
30 11
Subject Issuer Validity Valid
www.nomsdefantasy.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-09 -
2024-05-07		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
syndication.twitter.com
R3		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.nomsdefantasy.com/
Frame ID: A8C8DA2B7EE90F3E03EC2D9276C351F4
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomsdefantasy.com
Frame ID: 4CC1F966DD2EDECE8612FC4FDEB79113
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: B5D64364F0990E87F2C21C1FD1DA23F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1714475372&plat=4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.5&asamct=0.5&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371866&bpp=3&bdt=239&idt=281&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7976143570450&frm=20&pv=2&ga_vid=353241726.1714475372&ga_sid=1714475372&ga_hid=451566265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083066%2C42531705%2C44795922%2C95331042%2C95331368%2C95331555&oid=2&pvsid=2645893306216911&tmod=1011507372&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 2A478B597D1507520CF14A882F1664C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1714475372&format=160x600&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371870&bpp=1&bdt=243&idt=341&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7976143570450&frm=20&pv=1&ga_vid=353241726.1714475372&ga_sid=1714475372&ga_hid=451566265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083066%2C42531705%2C44795922%2C95331042%2C95331368%2C95331555&oid=2&pvsid=2645893306216911&tmod=1011507372&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=349
Frame ID: 821C6FC7C8FEFE2341C84967D9A2E659
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7122420ee3b53ae6%26domain%3Dwww.nomsdefantasy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomsdefantasy.com%252Ff63efa2530b51d083%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomsdefantasy.com%2F&layout=standard&locale=fr_FR&sdk=joey&share=true&show_faces=true
Frame ID: D8F4B5F61FAD6A2D86047EBED416B1C1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
Frame ID: A07EC65EBAACD62076AFA60AC64F5D81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E9D124C89CC39244879D832F9177A45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Générateur de Noms de Fantasy

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

30
Requests

97 %
HTTPS

67 %
IPv6

8
Domains

11
Subdomains

13
IPs

3
Countries

453 kB
Transfer

1316 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nomsdefantasy.com/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
1df3392333828993f86b5ea46eeb8dcc2b8a2a9354cec74316a604093b04d122
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 11:09:31 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.24.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
style.css
www.nomsdefantasy.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nomsdefantasy.com/style.css
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Sep 2016 10:54:46 GMT
server
nginx/1.24.0 (Ubuntu)
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
br
etag
W/"57d7daf6-c86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=86400
x-xss-protection
0
expires
Wed, 01 May 2024 11:09:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a8777c923f57be9978e2c2d9bc3aed222e69a019125de858be16f2caa7b01d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51320
x-xss-protection
0
server
cafe
etag
6764379094068822104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Apr 2024 11:09:31 GMT
spreddit7.gif
www.reddit.com/static/ 		688 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reddit.com/static/spreddit7.gif
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Nov 2011 00:48:52 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag
"02cf565e58da222df50a42ee0ec9ee56"
x-frame-options
SAMEORIGIN
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
688
x-xss-protection
1; mode=block
uk.png
www.nomsdefantasy.com/images/ 		284 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomsdefantasy.com/images/uk.png
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
284
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jul 2013 00:22:16 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51d611b8-11c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 May 2024 11:09:31 GMT
pt.png
www.nomsdefantasy.com/images/ 		249 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomsdefantasy.com/images/pt.png
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
e5c09580f2f8d66470db742fea915e2c387ac25aeb2aea55f491c84af65614af
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
249
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jul 2013 00:22:16 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51d611b8-f9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 May 2024 11:09:31 GMT
es.png
www.nomsdefantasy.com/images/ 		231 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomsdefantasy.com/images/es.png
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
231
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jul 2013 00:22:16 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51d611b8-e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 May 2024 11:09:31 GMT
it.png
www.nomsdefantasy.com/images/ 		191 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomsdefantasy.com/images/it.png
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
191
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Jun 2018 12:58:38 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"5b362cfe-bf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 May 2024 11:09:31 GMT
de.png
www.nomsdefantasy.com/images/ 		88 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomsdefantasy.com/images/de.png
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
88
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Oct 2020 14:11:19 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"5f831287-58"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 May 2024 11:09:31 GMT
sdk.js
connect.facebook.net/fr_FR/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23e6183d5364d174097bdb101eba320f0d3dc7da2948cf6d2f3fe1e76b75180f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:09:31 GMT
content-md5
v+GHl4MTsKMkybuLeRhWkA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
sQ2TtLoWbmZbvyYKxWHLom7haxSHeWkw0imthw5yFY5vxAFzao+S4gGSvJROdh/zjM3HjowbhePiT5rBlqdVGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f40f9a81bb4eb5f152fa61f466fd145f
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ab0cd5f468e0df2b0dbe5bb06bcd3bcc"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 30 Apr 2024 11:11:42 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F86) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 11:09:31 GMT
Content-Encoding
gzip
Age
874
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (pab/6F86)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nomsdefantasy.com
URL: https://www.nomsdefantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 09:47:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4944
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Apr 2024 11:47:07 GMT
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=451566265&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nomsdefantasy.com%2F&ul=en-gb&de=UTF-8&dt=G%C3%A9n%C3%A9rateur%20de%20Noms%20de%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=88576901&gjid=1722978289&cid=353241726.1714475372&tid=UA-151199-42&_gid=1398839387.1714475372&_r=1&_slc=1&z=940856544
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
873c1f139231a59c21598d1403b02717fb7af3b376ac4591b113c0f5b082c644
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 11:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nomsdefantasy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/fr_FR/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr_FR/sdk.js?hash=9a853250a83c46f646a4652de7a51539
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
c62d9793e8efb146fd8c99d6d0976e0dd2ca986197d5b854bc6406ea5edcee3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Origin
https://www.nomsdefantasy.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:09:31 GMT
content-md5
u2OMLSnCzYKAF+NkrGlfgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87632
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=33, mss=1232, tbw=4299, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
ngzF+cwVs4YQxBUUlEWYtPyjPjeXFWxLBfTeNQgSHq2cKReO4BMUiEt9Y4woVCAxFeJcjbd1QwwTqerGEEU8Vg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c260441442f7ecc4fc1eb1ac6d85cbe6
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ae00a5b11946f246e4b92145e3cfb276"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 30 Apr 2025 10:36:13 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 4CC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomsdefantasy.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F90) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3129936
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Apr 2024 11:09:31 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F90)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KLJPJMQWBG&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1d3faf0f2e5af5455d4cf48ea56899d8d16d75fe6719593a28fe3c6f9b3c413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93782
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Apr 2024 11:09:31 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 		411 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
1b7e7a047d25ad0c57ec7802d6258bfe36b06c9c7f87ae03ed8e77ad931706a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142347
x-xss-protection
0
server
cafe
etag
5681952180861537248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Apr 2024 11:09:31 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/ Frame B5D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
73589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Apr 2024 14:43:03 GMT
etag
5035419970550746386
expires
Mon, 13 May 2024 14:43:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 2A47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1714475372&plat=4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.5&asamct=0.5&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371866&bpp=3&bdt=239&idt=281&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7976143570450&frm=20&pv=2&ga_vid=353241726.1714475372&ga_sid=1714475372&ga_hid=451566265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083066%2C42531705%2C44795922%2C95331042%2C95331368%2C95331555&oid=2&pvsid=2645893306216911&tmod=1011507372&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=313
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 11:09:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 821C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1714475372&format=160x600&url=https%3A%2F%2Fwww.nomsdefantasy.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714475371870&bpp=1&bdt=243&idt=341&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7976143570450&frm=20&pv=1&ga_vid=353241726.1714475372&ga_sid=1714475372&ga_hid=451566265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083066%2C42531705%2C44795922%2C95331042%2C95331368%2C95331555&oid=2&pvsid=2645893306216911&tmod=1011507372&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 11:09:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KLJPJMQWBG&gtm=45je44t0v9135364185za200&_p=1714475371839&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-gb&sr=1600x1200&cid=353241726.1714475372&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.nomsdefantasy.com%2F&dt=G%C3%A9n%C3%A9rateur%20de%20Noms%20de%20Fantasy&sid=1714475372&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KLJPJMQWBG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 11:09:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nomsdefantasy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/v2.5/plugins/ Frame D8F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7122420ee3b53ae6%26domain%3Dwww.nomsdefantasy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomsdefantasy.com%252Ff63efa2530b51d083%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomsdefantasy.com%2F&layout=standard&locale=fr_FR&sdk=joey&share=true&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=9a853250a83c46f646a4652de7a51539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Tue, 30 Apr 2024 11:09:33 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1294, tbw=2797, tp=-1, tpl=-1, uplat=28, ullat=0
x-fb-debug
O6YeBOGq384L+u3VIbkr5JKKvYqNMIklXKxu7mDsHt4PrGvKwkBBcwtpD2EHT1tQo9snqKHHYp/CWVhpCk6NBA==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240425&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
473f3d764b9f360e67774c4118824eac3b480fd24c9cce77bb5aea69a2a10355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12122
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomsdefantasy.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Apr 2024 11:09:33 GMT
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F86) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 11:09:33 GMT
Content-Encoding
gzip
Age
3142390
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (pab/6F86)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
platform.twitter.com/widgets/ Frame A07E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.fr.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA8) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3142433
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12690
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Apr 2024 11:09:33 GMT
Etag
"4043f0931bc921cd3fd837417ecfb05d+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FA8)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.nomsdefantasy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1714475373048%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f8ba1eab62770cf91e12c19be786e7d799b16830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
115
date
Tue, 30 Apr 2024 11:09:32 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 30 Apr 2024 11:09:33 GMT
server
tsa_f
vary
Origin
content-type
image/gif
x-transaction-id
98bae94928f60f8b
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
59e4a754d437f981ee725a82c93f908491a3ee0bdcbae2453f95a8372c9b0326
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomsdefantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
12384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 07:43:09 GMT
expires
Wed, 30 Apr 2025 07:43:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
www.nomsdefantasy.com/ 		318 B
913 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nomsdefantasy.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
2557c81602045d4318e656eba0b0604d8f4a37eeac87ba928235fef507c5fb00
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.nomsdefantasy.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jul 2013 00:22:16 GMT
server
nginx/1.24.0 (Ubuntu)
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
br
etag
W/"51d611b8-13e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
x-xss-protection
0
expires
Tue, 07 May 2024 11:09:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240425&jk=2645893306216911&bg=!hYalhsnNAAYBeExMIXg7ADQBe5WfODhuRXVM0q3vmMOADLXv6DJatN7rK4vlaMYG8Td_w-JHLEjbtfN1bjlhdm4tKnaoAgAAAGxSAAAAA2gBB34ANSPjTSHyju__8T7Km2z3Rf5jKS7flv9RwgbsClBS7JyAdKYwdVNlrBfgmw0rziuZxP6vBYOGCgChi9dnI5c6CXmkxUgw1e9e27tGSY9dvVmravMh54jDruWWEInh5g6A6B1uM2FdwZQ4LklGXWGnxnlyY_GXrk_OBnjnq2bwfyO0vzVYG3ca86NABO-Fue3GmZBvugQymxAti8tAgNpsuU4mOBSQetbe6tSxe37UcAXUym60zQBMlnMRxIRVRkxGkhooOXKwMJYGZiKJQKsYT57CuKk8voaiwxmZApmmz7BEAdMILA3BXeeU2b51DhqeQZeiCktvbaZjpqa0sah7kVcxzMFa6DMTqtelAoih7SCgCzPftdACvElNTkrG_0pGWLvkK9mlO6Z9gDlBB9MmcINwRjLG8IW5R_KVFA779CqFEYy5i-DHMxAOy1dIMAD2uIQ4znFIu7mnSbL5oWZ1ieaqaDAkJkH4_kUEOguuyALgdQnjrXOsymf9kqsHpCvqFop0pclO8be1XSXq2ds9p4F4ubzcnybKmMHQ2n8TnHRsKW0sCYm6jdSJFtmjOvQyupwWKRdva1MLBFvdsvg4dgYdkqf3pekRJePTAUOQCk6SQW5xIc2SjUwNUB91kyPWmO7S7O5IaKmvUJ2Mds18heBz_VXraKlfthk653FJIYnMjcXOoVDgiCi7EtphuOmb2XYHSO-X6I0EM7UlxcMlBJ2G2q-Vxr5OjIRwk3LUUE_H4UB-tSEqpjypfGlPfElLpnlSLTWL9ECgr73zC8zPt9VMzEFfUfUW29vMJvuPqWfs_IhIn2ClrfTLyvEHd8TiN2C4IuSzCXB_HSIUZLKVILuk45vw4SGWI_pDAu03ciGeezdPmGzKZZdzI6LbmkMpFLrwSH01EXdQ_L-B-Krp7vQqL8wC8l5-5QbZ_W1UYE-rTSou1n7uwZtpkQZRY9WEzVAN2CLnjyMudDDAyAnlUs4ziOmHceZ_TtzGUFOT-THde5cX5qisxRm_tOEyPjSAUkyWOS-iqWhrG3myE8YlGv--BvZGG1Cocut-R3CJYsD1-Auq68Y-uLQO95wQkYnQhWvcZNOX3wuqctW9SCWAV-AIypMaufbucHj-5OFeGRmu3GCskY0SyDHgljJNlFo-MIVLKOPS4frMTWteWU5pZhlACoJBlw

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| adsbygoogle string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| __twttrll object| twttr object| __twttr object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.nomsdefantasy.com/ Name: _ga
Value: GA1.2.353241726.1714475372
.nomsdefantasy.com/ Name: _gid
Value: GA1.2.1398839387.1714475372
.nomsdefantasy.com/ Name: _gat
Value: 1
.nomsdefantasy.com/ Name: _ga_KLJPJMQWBG
Value: GS1.2.1714475372.1.0.1714475372.0.0.0
.nomsdefantasy.com/ Name: __eoi
Value: ID=560353d427417705:T=1714475372:RT=1714475372:S=AA-AfjZHKbBLRDTIOF9qnBqr5aR2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
pagead2.googlesyndication.com
platform.twitter.com
region1.google-analytics.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nomsdefantasy.com
www.reddit.com
pagead2.googlesyndication.com
104.244.42.8
151.101.193.140
157.240.251.9
172.217.16.194
2001:4860:4802:34::36
2001:4860:4802:38::178
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2001
2a01:7e00:e000:27a::1201
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b7e7a047d25ad0c57ec7802d6258bfe36b06c9c7f87ae03ed8e77ad931706a0
1df3392333828993f86b5ea46eeb8dcc2b8a2a9354cec74316a604093b04d122
23e6183d5364d174097bdb101eba320f0d3dc7da2948cf6d2f3fe1e76b75180f
2557c81602045d4318e656eba0b0604d8f4a37eeac87ba928235fef507c5fb00
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
473f3d764b9f360e67774c4118824eac3b480fd24c9cce77bb5aea69a2a10355
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
873c1f139231a59c21598d1403b02717fb7af3b376ac4591b113c0f5b082c644
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
a8777c923f57be9978e2c2d9bc3aed222e69a019125de858be16f2caa7b01d77
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
c62d9793e8efb146fd8c99d6d0976e0dd2ca986197d5b854bc6406ea5edcee3f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1d3faf0f2e5af5455d4cf48ea56899d8d16d75fe6719593a28fe3c6f9b3c413
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c09580f2f8d66470db742fea915e2c387ac25aeb2aea55f491c84af65614af
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c