urlscan.io logo urlscan.io
SecurityTrails logo

www.nomesdefantasia.com Open in urlscan Pro
2a01:7e00:e000:27a::1201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nomesdefantasia.com/
Effective URL: https://www.nomesdefantasia.com/
Submission: On June 23 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2a01:7e00:e000:27a::1201, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.nomesdefantasia.com.
TLS certificate: Issued by R10 on June 11th 2024. Valid for: 3 months.
This is the only time www.nomesdefantasia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2a01:7e00:e000:27a::1201 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
www.nomesdefantasia.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.reddit.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
8 nomesdefantasia.com
www.nomesdefantasia.com
12 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
273 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1433
syndication.twitter.com — Cisco Umbrella Rank: 1678
31 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 745
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
89 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
1 reddit.com
www.reddit.com — Cisco Umbrella Rank: 2250
1 KB
32 9
Domain Requested by
8 www.nomesdefantasia.com www.nomesdefantasia.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 platform.twitter.com www.nomesdefantasia.com
platform.twitter.com
4 pagead2.googlesyndication.com www.nomesdefantasia.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ssl.google-analytics.com www.nomesdefantasia.com
2 connect.facebook.net www.nomesdefantasia.com
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 syndication.twitter.com www.nomesdefantasia.com
1 www.reddit.com www.nomesdefantasia.com
32 11
Subject Issuer Validity Valid
www.nomesdefantasia.com
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-02 -
2024-07-01		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
syndication.twitter.com
R3		 2024-05-22 -
2024-08-20		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://www.nomesdefantasia.com/
Frame ID: F8E4FA5BF5312F909DA71430D81FD373
Requests: 22 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomesdefantasia.com
Frame ID: 9BC80A07BD844D91CDE8E5B92F13FA23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: D1EFF2942D5BA2AD7CA3920AE03018AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719164903&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_15~29_18&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164903094&bpp=3&bdt=607&idt=271&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4649652015127&frm=20&pv=2&ga_vid=1969849070.1719164903&ga_sid=1719164903&ga_hid=695398694&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084688%2C95331689%2C95334509%2C95334525%2C95334570%2C95335896%2C95331953%2C95335292%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1342069383840695&tmod=1488079924&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: F8DEF7B81032536816C55C782380FF91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&abgtt=3&lmt=1719164903&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164903097&bpp=1&bdt=609&idt=347&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4649652015127&frm=20&pv=1&ga_vid=1969849070.1719164903&ga_sid=1719164903&ga_hid=695398694&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084688%2C95331689%2C95334509%2C95334525%2C95334570%2C95335896%2C95331953%2C95335292%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1342069383840695&tmod=1488079924&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=363
Frame ID: 40482B76649008343994673159782058
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 500044EBDDC5A3724F866FD53426AEAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 22AA4CDA3D93A14A5D94AEE5593F3986
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: B3E14861E99344BA81211E78FEA969D9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eb19786ffb4d83d%26domain%3Dwww.nomesdefantasia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomesdefantasia.com%252Ff37fe13f1d19256c0%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomesdefantasia.com%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=true
Frame ID: C0FABB6429EC175359462FE4E9CFC48A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7ED5B6CD250708890D0150D8AD43EA45
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7999FD1F432F7ECB1CF4736D2B9FE439
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gerador de Nomes de Fantasia

Page URL History Show full URLs

  1. http://www.nomesdefantasia.com/ HTTP 307
    https://www.nomesdefantasia.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

32
Requests

97 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

424 kB
Transfer

1252 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nomesdefantasia.com/ HTTP 307
    https://www.nomesdefantasia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nomesdefantasia.com/
Redirect Chain
  • http://www.nomesdefantasia.com/
  • https://www.nomesdefantasia.com/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
a48e00cdea361c458a2fbbf6cc7ec5ad78e917898020772fa8d7b143f2340001
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 17:48:22 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.24.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Location
https://www.nomesdefantasia.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
www.nomesdefantasia.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nomesdefantasia.com/style.css
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 May 2015 12:55:01 GMT
server
nginx/1.24.0 (Ubuntu)
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
br
etag
W/"5550a6a5-c86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=86400
x-xss-protection
0
expires
Mon, 24 Jun 2024 17:48:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b9c478e0f7efab84dbeb6e53e0808424e823483591b22e36b147cd137128d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52786
x-xss-protection
0
server
cafe
etag
5405838135122008447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 23 Jun 2024 17:48:22 GMT
spreddit7.gif
www.reddit.com/static/ 		688 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reddit.com/static/spreddit7.gif
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Nov 2011 00:48:52 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag
"02cf565e58da222df50a42ee0ec9ee56"
x-frame-options
SAMEORIGIN
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
688
x-xss-protection
1; mode=block
uk.png
www.nomesdefantasia.com/images/ 		284 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomesdefantasia.com/images/uk.png
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
284
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jun 2013 06:31:10 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51c7e7ae-11c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 30 Jun 2024 17:48:22 GMT
es.png
www.nomesdefantasia.com/images/ 		231 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomesdefantasia.com/images/es.png
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
231
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jun 2013 06:31:10 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51c7e7ae-e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 30 Jun 2024 17:48:22 GMT
fr.png
www.nomesdefantasia.com/images/ 		191 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomesdefantasia.com/images/fr.png
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
191
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 29 Jun 2013 06:11:49 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"51ce7aa5-bf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 30 Jun 2024 17:48:22 GMT
it.png
www.nomesdefantasia.com/images/ 		191 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomesdefantasia.com/images/it.png
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
191
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Jun 2018 12:58:38 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"5b362cfe-bf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 30 Jun 2024 17:48:22 GMT
de.png
www.nomesdefantasia.com/images/ 		88 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nomesdefantasia.com/images/de.png
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length
88
x-xss-protection
0
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Oct 2020 14:11:18 GMT
server
nginx/1.24.0 (Ubuntu)
etag
"5f831286-58"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 30 Jun 2024 17:48:22 GMT
sdk.js
connect.facebook.net/pt_PT/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07a784c8b0ef73fa14f7286c42caa4d598a464e07a746fb36c9b6257edbc367d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Jun 2024 17:48:23 GMT
content-md5
/EoyEO37KJ3EtwOSXD9G0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=13, mss=1392, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
K+AeeaZ6bX8mDcICcJO/2RWP5LD31PCc535yan4S1Ndcb0BzRzYd135M466n7yM8mASxbtAfaiZBEkfHdsTR9A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8558430f5dcf9df910704fa4c6b0d8c4
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c2772d0e253b213b889d667f3e12d6a1"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 23 Jun 2024 18:01:26 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 17:48:23 GMT
Content-Encoding
gzip
Age
649
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/67E0)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Jun 2024 17:19:52 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1711
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 23 Jun 2024 19:19:52 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 9BC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomesdefantasia.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7821250
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Jun 2024 17:48:23 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 		431 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
888db67a145be5826c9543f1607c980f41858b0a684f14b8551672a5f27e76bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148804
x-xss-protection
0
server
cafe
etag
7318712128645544799
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:48:23 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame D1EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
80049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 19:34:14 GMT
etag
9187630395144177108
expires
Sat, 06 Jul 2024 19:34:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719164903&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_15~29_18&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164903094&bpp=3&bdt=607&idt=271&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4649652015127&frm=20&pv=2&ga_vid=1969849070.1719164903&ga_sid=1719164903&ga_hid=695398694&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084688%2C95331689%2C95334509%2C95334525%2C95334570%2C95335896%2C95331953%2C95335292%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1342069383840695&tmod=1488079924&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
80442
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 17:48:24 GMT
expires
Sun, 23 Jun 2024 17:48:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4048 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&abgtt=3&lmt=1719164903&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164903097&bpp=1&bdt=609&idt=347&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4649652015127&frm=20&pv=1&ga_vid=1969849070.1719164903&ga_sid=1719164903&ga_hid=695398694&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084688%2C95331689%2C95334509%2C95334525%2C95334570%2C95335896%2C95331953%2C95335292%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1342069383840695&tmod=1488079924&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=363
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49520
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 17:48:24 GMT
expires
Sun, 23 Jun 2024 17:48:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 17:48:23 GMT
Content-Encoding
gzip
Age
7832521
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/67E0)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame 5000 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7832015
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12714
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Jun 2024 17:48:23 GMT
Etag
"a9939cebd5fcfb5da02584a7718324d9+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.nomesdefantasia.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22pt%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1719164903773%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=bce693e5466f7a8489ffd45ae247ef06c4feb38c
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
114
date
Sun, 23 Jun 2024 17:48:23 GMT
strict-transport-security
max-age=631138519
last-modified
Sun, 23 Jun 2024 17:48:23 GMT
server
tsa_f
vary
Origin
content-type
image/gif
x-transaction-id
229b24034245a255
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
17496c324263c1a2e19a483168d17211132b1dc102d9ec0337fa60c7621ef826
content-length
43
sdk.js
connect.facebook.net/pt_PT/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js?hash=62cecc854db7552e9406b5450577d316
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb3057ae16dd75ceaa4be963a48e9c8e120b384e83e5a1358ab3e7608e4045e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Origin
https://www.nomesdefantasia.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Jun 2024 17:48:24 GMT
content-md5
iKvbCmCXvAPk8pTosn5LPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87647
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=5496, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
V2IWefFGjF5rKUnTPmE4iJ+ku9pkOVZohxFGbvtnYaOpi9ERsfPLQ2cG99Ie0otOZKLUA+7T9tVOq7pt1IvxaA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
840f6d56b1f269f3d8a7e665c9c2b7ef
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f0f7b938691891249b2b3b35cbc79ca6"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 23 Jun 2025 16:44:38 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1543484450&utmhn=www.nomesdefantasia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-gb&utmje=0&utmfl=-&utmdt=Gerador%20de%20Nomes%20de%20Fantasia&utmhid=695398694&utmr=-&utmp=%2F&utmht=1719164904018&utmac=UA-151199-40&utmcc=__utma%3D255590423.1969849070.1719164903.1719164903.1719164903.1%3B%2B__utmz%3D255590423.1719164904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1238026170&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 23 Jun 2024 17:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5482725cd866e22a4ab1332ef31ad0b4088b05b272c2f182a7374844c40698e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58347
x-xss-protection
0
server
cafe
etag
2753321736409246311
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:48:24 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 22AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
80049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 19:34:14 GMT
etag
9187630395144177108
expires
Sat, 06 Jul 2024 19:34:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame B3E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
80049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 19:34:14 GMT
etag
9187630395144177108
expires
Sat, 06 Jul 2024 19:34:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26d1e23f2e0d3385f67a8c30d0f4ca70446afa645b6b3d4aabfcdf84fd1e6b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12777
x-xss-protection
0
like.php
www.facebook.com/v2.5/plugins/ Frame C0FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eb19786ffb4d83d%26domain%3Dwww.nomesdefantasia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomesdefantasia.com%252Ff37fe13f1d19256c0%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomesdefantasia.com%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js?hash=62cecc854db7552e9406b5450577d316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 17:48:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v14.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383757048879269417"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383757048879269417", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=2757, tp=-1, tpl=-1, uplat=566, ullat=0
x-fb-debug
F5Wfqrc2ov7PpPQXA8FsfS8nK040NQ2COkvPt25oaMnaF4QbYrR031t6b1yGy76s5/8mbQLOPAp+UKi32O70GA==
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Jun 2024 17:48:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7ED5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
10268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 14:57:18 GMT
expires
Mon, 23 Jun 2025 14:57:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7999 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KxmtvwFzbVBkJwULdonxhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KxmtvwFzbVBkJwULdonxhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 17:48:26 GMT
expires
Sun, 23 Jun 2024 17:48:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
favicon.ico
www.nomesdefantasia.com/ 		318 B
903 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nomesdefantasia.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
2837046b1cdcc113c9cd75150715285de587c9e6a363a2646da9d9e2fed36170
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nomesdefantasia.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 17:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Nov 2012 05:50:20 GMT
server
nginx/1.24.0 (Ubuntu)
content-security-policy
default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
br
etag
W/"50b8491c-13e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
x-xss-protection
0
expires
Sun, 30 Jun 2024 17:48:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=1342069383840695&bg=!hIelh8jNAAb64txl2uI7ADQBe5WfOBwzw-wVG0lqP4rD199UrwQZ2qXMXGdto6rjct14I2D-qt93kfHl_91SKn4nvMnZAgAAAFNSAAAACGgBB34ANjQ7mO0-uV944uWoXPRJKLOPsZckBjF2jTacp9YfPTSzbQxWkGceu5YCBHjp37kFNN7j0gvKEJkC1Vzwa1ZYObmwhhV3OAthimIqQ8ihkPCc4bEjOfVEHDZrLh-NgywsaTBAFsOjKIdSFpoJfGO3xR0Nk9bnpqPUDu7Curvd3r8nJXjRhU2vy-hIrM6g8XqRS85Ap0tCOTryxbaCrGwsm76EYMFxYhNkf9CugeWC5Q4Az0lh1l-dLKGF4g1nF3jFIPMpSk8yBkmZ4MEY7it3ZW3gGuBMlYRuXEcsESgMbaSFVUDnxqso5fJj14ZusvgWHu3LpBisMttw8SoGmtYQdBSH9mB7g8vEYA0Mc_H4Q95AsQXSgyIe6Xs6wIV1cXGA2uBfOaKLkSZ-yKAj7ivW8C9Ukawn5-8As4ysuAl6O8CALSOosHpqoUOYbvp06JJrHrlg4Zwk-OWE5xpv6PcdlT89n9wD14gDFkrCEmKZx4e2wk6iO0TXjkXypw2IvVJobTqO9ADnOokvLtecvgfe5Y_u483SNRbBkiMOR-g_471Ulpd5_V2XwVAS8rkaIncjgZKJ6ojDfyXaRjSrWV4b9V4AGGnTBTCcNy27XRQrIUVoGwNJ5sw6M0p-CsR5EotdESepcsvoMHoHSuuBoDEWk8sQctpda1VuVpqlkP5yaHqRNyj-DBTW_SQwzZcnvIUztYjsZEKGIGp856sXhYUC6AgLpsp-17fhfMAZlXV-UCph-OsPITIfZIzxCsFw0jEj_6lkvVMsNFPmvFHkkG2qmKmNm6fI4VSdZmt2RlXLuN0BfIZvGg_xsWbA8hhrewBBTehW7d81Z2nK8VHqb5Wv3R6_9gJrayND6j6OmQsSgInY1leNtDOkxeeAKWyfz563jKiLUnNP2drwH4HT-rXxYvLXVsuY9uE06YV5-psxtve8lP9EzZb0MyVtA-gQTUuFGDcb7cpC0THmS4RsS1ASEj4LqPer07hVD29P-ALSlsRFcfLh0SDKzDdtJk-7I4-Ec6ySTbanDA_GX0Ixg8uu

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 undefined| event object| fence object| sharedStorage object| adsbygoogle object| _gaq object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| FB object| _gat object| __buffer object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.nomesdefantasia.com/ Name: __utmc
Value: 255590423
.nomesdefantasia.com/ Name: __utmz
Value: 255590423.1719164904.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.nomesdefantasia.com/ Name: __utmt
Value: 1
.nomesdefantasia.com/ Name: __utma
Value: 255590423.1969849070.1719164903.1719164903.1719164903.1
.nomesdefantasia.com/ Name: __utmb
Value: 255590423.1.10.1719164904
.doubleclick.net/ Name: IDE
Value: AHWqTUmeZbrlv0bsJVh8YWY3go_Qpg8l5NGzUsjyVYiGNOOrYdJpclRmBfRBRGVM
.casalemedia.com/ Name: CMID
Value: Znhf6FVbL10AAArmAXhR-AAA
.casalemedia.com/ Name: CMPS
Value: 1822
.casalemedia.com/ Name: CMPRO
Value: 1822
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.nomesdefantasia.com/ Name: __gads
Value: ID=ad3095a752cd93d0:T=1719164903:RT=1719164903:S=ALNI_Ma3BPFAqNEJAJc7eHPu7duhPwsV8A
.nomesdefantasia.com/ Name: __gpi
Value: UID=00000e63438134d8:T=1719164903:RT=1719164903:S=ALNI_MbZl_6puw-CUmdrvwZq8UU2Ur9duQ
.nomesdefantasia.com/ Name: __eoi
Value: ID=adb31c9b4b5ecd91:T=1719164903:RT=1719164903:S=AA-AfjbziEiLC3P1mQ8CvnwaVOS-
.doubleclick.net/ Name: APC
Value: AfxxVi6Tz3r_ELeoDGFqiPjI4ebqBjO0sNTtrz9l06t3yuXcM1B1vQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
ssl.google-analytics.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.nomesdefantasia.com
www.reddit.com
pagead2.googlesyndication.com
104.244.42.72
151.101.65.140
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:800::2001
2a00:1450:4001:811::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a01:7e00:e000:27a::1201
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
07a784c8b0ef73fa14f7286c42caa4d598a464e07a746fb36c9b6257edbc367d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
26d1e23f2e0d3385f67a8c30d0f4ca70446afa645b6b3d4aabfcdf84fd1e6b22
2837046b1cdcc113c9cd75150715285de587c9e6a363a2646da9d9e2fed36170
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b9c478e0f7efab84dbeb6e53e0808424e823483591b22e36b147cd137128d6b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
888db67a145be5826c9543f1607c980f41858b0a684f14b8551672a5f27e76bf
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
a48e00cdea361c458a2fbbf6cc7ec5ad78e917898020772fa8d7b143f2340001
a5482725cd866e22a4ab1332ef31ad0b4088b05b272c2f182a7374844c40698e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c
fb3057ae16dd75ceaa4be963a48e9c8e120b384e83e5a1358ab3e7608e4045e7