controlpanel.nominalia.com Open in urlscan Pro
81.88.58.195  Malicious Activity! Public Scan

Submitted URL: https://controlpanel.nominalia.com/payment/invoices.html
Effective URL: https://controlpanel.nominalia.com/welcome.html
Submission: On December 20 via api from AE — Scanned from IT

Summary

This website contacted 22 IPs in 6 countries across 17 domains to perform 60 HTTP transactions. The main IP is 81.88.58.195, located in Italy and belongs to REGISTER-AS REGISTER S.P.A., IT. The main domain is controlpanel.nominalia.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 18th 2024. Valid for: a year.
This is the only time controlpanel.nominalia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Register.it (Online)

Domain & IP information

IP Address AS Autonomous System
1 20 81.88.58.195 39729 (REGISTER-...)
2 142.250.186.132 15169 (GOOGLE)
2 104.18.11.207 13335 (CLOUDFLAR...)
4 81.88.57.79 39729 (REGISTER-...)
2 52.222.236.60 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.67 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BunnyCDN ...)
2 157.240.0.6 32934 (FACEBOOK)
2 172.67.72.173 13335 (CLOUDFLAR...)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 172.217.16.200 15169 (GOOGLE)
1 2400:52e0:1a0... 200325 (BunnyCDN ...)
2 157.240.0.35 32934 (FACEBOOK)
2 52.152.143.207 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2400:52e0:1e0... 60068 (CDN77 Dat...)
3 2001:4860:480... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
60 22
Apex Domain
Subdomains
Transfer
20 nominalia.com
controlpanel.nominalia.com
www.nominalia.com
trk.nominalia.com
286 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
o.clarity.ms — Cisco Umbrella Rank: 7829
c.clarity.ms — Cisco Umbrella Rank: 1269
31 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
496 KB
4 iubenda.com
cdn.iubenda.com — Cisco Umbrella Rank: 16026
cs.iubenda.com — Cisco Umbrella Rank: 17999
idb.iubenda.com — Cisco Umbrella Rank: 19082
72 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
261 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
3 cmp-teamblue.services
srv.cmp-teamblue.services
86 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 metricool.com
tracker.metricool.com — Cisco Umbrella Rank: 22820
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5857
8 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3540
83 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
966 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
771 B
1 teamblue.services
cdn.teamblue.services
6 KB
60 17
Domain Requested by
10 controlpanel.nominalia.com 1 redirects controlpanel.nominalia.com
5 www.googletagmanager.com controlpanel.nominalia.com
www.googletagmanager.com
5 trk.nominalia.com controlpanel.nominalia.com
trk.nominalia.com
5 www.nominalia.com controlpanel.nominalia.com
3 region1.google-analytics.com www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 srv.cmp-teamblue.services controlpanel.nominalia.com
srv.cmp-teamblue.services
2 c.clarity.ms 1 redirects
2 o.clarity.ms www.clarity.ms
2 www.facebook.com controlpanel.nominalia.com
2 www.clarity.ms controlpanel.nominalia.com
www.clarity.ms
2 tracker.metricool.com controlpanel.nominalia.com
2 connect.facebook.net controlpanel.nominalia.com
connect.facebook.net
2 cdn.iubenda.com srv.cmp-teamblue.services
cdn.iubenda.com
2 fonts.googleapis.com controlpanel.nominalia.com
2 widget.trustpilot.com controlpanel.nominalia.com
widget.trustpilot.com
2 netdna.bootstrapcdn.com controlpanel.nominalia.com
netdna.bootstrapcdn.com
2 www.google.com controlpanel.nominalia.com
www.gstatic.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 idb.iubenda.com cdn.iubenda.com
1 c.bing.com 1 redirects
1 cs.iubenda.com cdn.iubenda.com
1 cdn.teamblue.services controlpanel.nominalia.com
1 www.gstatic.com www.google.com
60 24
Subject Issuer Validity Valid
*.nominalia.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-18 -
2025-04-18
a year crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.cmp-teamblue.services
Sectigo RSA Domain Validation Secure Server CA
2024-09-19 -
2025-10-18
a year crt.sh
*.trustpilot.com
Amazon RSA 2048 M02
2024-12-03 -
2026-01-01
a year crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.teamblue.services
Sectigo RSA Domain Validation Secure Server CA
2024-01-11 -
2025-01-23
a year crt.sh
*.iubenda.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-01 -
2025-03-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-28 -
2024-12-27
3 months crt.sh
metricool.com
WE1
2024-11-28 -
2025-02-26
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 4 frames:

Primary Page: https://controlpanel.nominalia.com/welcome.html
Frame ID: 3D9DAF5524C9ACD6B15412BDA13FBEB4
Requests: 57 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4a89bef20000640005048578
Frame ID: 4234A60D55D413DA1CBBBB392CB7FF35
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc0d5wUAAAAAI19ULrgr5-LFrPP0Nx3AMrKm4_H&co=aHR0cHM6Ly9jb250cm9scGFuZWwubm9taW5hbGlhLmNvbTo0NDM.&hl=es&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&sa=login_pdc&cb=sn1rn1mwbkzd
Frame ID: DB0E9D6939F4911343E7CDC640342F8B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fcontrolpanel.nominalia.com
Frame ID: 5B6529D03FC7E66A09E7B9F219E868F8
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Panel de Control

Page URL History Show full URLs

  1. https://controlpanel.nominalia.com/payment/invoices.html HTTP 302
    https://controlpanel.nominalia.com/welcome.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • iubenda\.com/cookie-solution/confs/js/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

60
Requests

97 %
HTTPS

41 %
IPv6

17
Domains

24
Subdomains

22
IPs

6
Countries

1412 kB
Transfer

4001 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://controlpanel.nominalia.com/payment/invoices.html HTTP 302
    https://controlpanel.nominalia.com/welcome.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.nominalia.com/_img/header/flags_ln HTTP 301
  • https://www.nominalia.com/404.html
Request Chain 49
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&RedC=c.clarity.ms&MXFR=3177C63D948560B5266BD36690856E3B HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&MUID=02DC3BA2678B61902BC72EF96631609E

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request welcome.html
controlpanel.nominalia.com/
Redirect Chain
  • https://controlpanel.nominalia.com/payment/invoices.html
  • https://controlpanel.nominalia.com/welcome.html
68 KB
16 KB
Document
General
Full URL
https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
3322e501f6f4fd67e699b8bcdb760441348f0880406bed1f57c163bdd920079b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
16032
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Dec 2024 09:13:11 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=15768000;
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
20
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Dec 2024 09:13:11 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
/welcome.html
Pragma
no-cache
Strict-Transport-Security
max-age=15768000;
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
jquery-3.6.3.min.js
controlpanel.nominalia.com/static/js/jquery/v3.6.3/
88 KB
31 KB
Script
General
Full URL
https://controlpanel.nominalia.com/static/js/jquery/v3.6.3/jquery-3.6.3.min.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/welcome.html

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"10a1a17-15f5a-5f4b98049ca80"
Accept-Ranges
bytes, bytes
Content-Length
31078
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Wed, 15 Feb 2023 09:14:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
jquery-browserPatch.min.js
controlpanel.nominalia.com/static/js/jquery/v3.6.3/
1009 B
899 B
Script
General
Full URL
https://controlpanel.nominalia.com/static/js/jquery/v3.6.3/jquery-browserPatch.min.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
3bd185a53638a20a7ab96d8ecd1ce355e78af3e3c9300ea473c91f40dcf9e25b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/welcome.html

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"461d75-3f1-5f4b98049ca80"
Accept-Ranges
bytes, bytes
Content-Length
464
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Wed, 15 Feb 2023 09:14:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
api.js
www.google.com/recaptcha/
1 KB
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=es
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
6cb84ba2c69f18ec3d1aa6528d61f6e5c9b702ef0bcecc67dae190ccb5c76583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 20 Dec 2024 09:13:11 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
dp_common.min.js
www.nominalia.com/_js/dp_common//v3.0.2/
26 KB
8 KB
Script
General
Full URL
https://www.nominalia.com/_js/dp_common//v3.0.2/dp_common.min.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
b137cacd2117b97e93627cec4f01b023cf3e218110ebd6eb4041023f0a99a798
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"4425c1-664c-6174e12f1fa40"
Accept-Ranges
bytes, bytes
Content-Length
7579
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 30 Apr 2024 10:45:53 GMT
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
serve.php
controlpanel.nominalia.com/
53 KB
11 KB
Stylesheet
General
Full URL
https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
083ffbb5861a57cf4f989e772d0abfda8ee7fc1a52d0bc0a5d485b6e0f20ea56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/welcome.html

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Cache-Control
public, max-age=10800
Content-Encoding
gzip
Pragma
Etag
"cc2c642ffa0248200c9a72f84826c49d"
Expires
Fri, 20 Dec 2024 12:13:11 +0000
Accept-Ranges
bytes
Content-Length
11073
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
-3700
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
X-Frame-Options
SAMEORIGIN
base_buttons.css
www.nominalia.com/_css/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.nominalia.com/_css/base_buttons.css
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
04dfbe2180b5cc069f7ef1ea3beb46549e3598957518245ab8269f5fc42380e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"441de1-4783-6246f809ce680"
Accept-Ranges
bytes, bytes
Content-Length
3279
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Mon, 14 Oct 2024 13:06:18 GMT
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
2080758
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 09:13:11 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/07/2024 01:04:57
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d815eb436cc7f34780cc516983fb61fb
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8f4e83d5a8b6d391-FRA
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
cmp_standalone.min.js
srv.cmp-teamblue.services/js/
24 KB
10 KB
Script
General
Full URL
https://srv.cmp-teamblue.services/js/cmp_standalone.min.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
722c7a352a986df943de844781a8b1a807778b6bf3ac809b9d4f3d039a98823c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Content-Encoding
gzip
ETag
W/"6716214e-60c8"
Pragma
no-cache
Expires
Thu, 19 Dec 2024 09:13:11 GMT
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
application/javascript
Last-Modified
Mon, 21 Oct 2024 09:39:26 GMT
Vary
Accept-Encoding
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
23 KB
8 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
etag
"7d4644d89e45fe92623bdd628e60e8dd"
age
25251
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
fQ-LerIeGeDY4aLMbZeKvuMqC_bbz2rgu0vXsZYJiS3TtSeej0P5iw==
date
Fri, 20 Dec 2024 02:12:21 GMT
content-type
application/x-javascript
last-modified
Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=86400
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7350
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
trk_standalone.js
trk.nominalia.com/js/
29 KB
12 KB
Script
General
Full URL
https://trk.nominalia.com/js/trk_standalone.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
388bf7deb6289394a3165eb5bfd0219ef8f33a95ba3f3038e4ac367143c2f24b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Content-Encoding
gzip
ETag
W/"67600ead-736f"
Pragma
no-cache
Expires
Thu, 19 Dec 2024 09:13:11 GMT
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
application/javascript
Last-Modified
Mon, 16 Dec 2024 11:27:41 GMT
Vary
Accept-Encoding
recaptcha__es.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__es.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6975f0df36c8c2662da721d92776b93a22a4a2f1ae2a75706052325daf9111d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
age
180863
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 06:58:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 06:58:48 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222228
x-xss-protection
0
server
sffe
header.css
controlpanel.nominalia.com/static/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://controlpanel.nominalia.com/static/css/header.css
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
f0814d0f36cb15079b2d66d976e2c43d0017ad8a2d8a26567ebb109860bcb924
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"1083945-62de-5f4a6e805dc80"
Accept-Ranges
bytes, bytes
Content-Length
5749
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 14 Feb 2023 11:02:58 GMT
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
css
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,300,700,400,800|Open+Sans+Condensed:700,300
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
625bb6b43d7db740f36142781328839755e3dbff27c169c946dcd903b9121809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 07:17:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,300italic,400italic
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7630e92fded36aa312aed27980544c81461433863825aa640eac4c07b916a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 09:13:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
reset.css
controlpanel.nominalia.com/static/css/
1 KB
996 B
Stylesheet
General
Full URL
https://controlpanel.nominalia.com/static/css/reset.css
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/static/css/header.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
c575daf05f43b83d45f655498095ebdd12cc10eca79c1c2fea0dfe51f508b651
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/static/css/header.css

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Content-Encoding
gzip
ETag
"1083961-434-629257d00d800"
Accept-Ranges
bytes, bytes
Content-Length
574
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Fri, 13 Dec 2024 11:54:08 GMT
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
cmp_all.min.js
srv.cmp-teamblue.services/js/
271 KB
64 KB
Script
General
Full URL
https://srv.cmp-teamblue.services/js/cmp_all.min.js?v=1.1.21
Requested by
Host: srv.cmp-teamblue.services
URL: https://srv.cmp-teamblue.services/js/cmp_standalone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
f4c605acdcfefef3957bceab8932639ee759766bf89efec9e64c5bdb7b4b1156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"6716214e-43c64"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
application/javascript
Last-Modified
Mon, 21 Oct 2024 09:39:26 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
gtm.js
www.googletagmanager.com/
420 KB
128 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPQXFB
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fc7096a9970f725c02b9fc4d315ca91fe9027964697b6a488eccd12b5cbdfe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
130423
x-xss-protection
0
server
Google Tag Manager
nominalia_com_logo_white.svg
cdn.teamblue.services/nominalia.com/img/
5 KB
6 KB
Image
General
Full URL
https://cdn.teamblue.services/nominalia.com/img/nominalia_com_logo_white.svg
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
3a8ed95956c538aa7126204c93d5911eecad83a8d47bfdec2c491bee313e0c67
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Cache-Control
max-age=31536000, max-age=31536000, public
ETag
"64808925-15ca"
Pragma
public
Expires
Sat, 20 Dec 2025 09:13:11 GMT
Accept-Ranges
bytes
Content-Length
5578
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
image/svg+xml
Last-Modified
Wed, 07 Jun 2023 13:41:57 GMT
X-Frame-Options
SAMEORIGIN
icons.png
www.nominalia.com/_img/header/
2 KB
3 KB
Image
General
Full URL
https://www.nominalia.com/_img/header/icons.png
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
338bdf9c4446455369ed41fbcbee7cdb1944b938225e7b5600cd79d689b4e167
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"1061d86-99e-5f4a82d1b4c00"
Accept-Ranges
bytes, bytes
Content-Length
2462
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 14 Feb 2023 12:33:52 GMT
Vary
X-Forwarded-Proto
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
arrows.png
www.nominalia.com/_img/header/
246 B
646 B
Image
General
Full URL
https://www.nominalia.com/_img/header/arrows.png
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
28e56b80ff8f737648c27d108b8d66375c59d41dc99fbe04c4f1e8a28d56281d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"1061d6c-f6-5f4a82d1b4c00"
Accept-Ranges
bytes, bytes
Content-Length
246
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 14 Feb 2023 12:33:52 GMT
Vary
X-Forwarded-Proto
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
404.html
www.nominalia.com/
Redirect Chain
  • https://www.nominalia.com/_img/header/flags_ln
  • https://www.nominalia.com/404.html
0
0

welcome.jpg
controlpanel.nominalia.com/static/img/
65 KB
65 KB
Image
General
Full URL
https://controlpanel.nominalia.com/static/img/welcome.jpg
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e6584f14d4039a010b9e2b3d1ec27c6dbf47ee65d9eea3412f4146d64e1b5f93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"461c47-1032f-5f4a6e805dc80"
Accept-Ranges
bytes, bytes
Content-Length
66351
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 14 Feb 2023 11:02:58 GMT
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
footer-social-network.png
controlpanel.nominalia.com/static/img/
9 KB
9 KB
Image
General
Full URL
https://controlpanel.nominalia.com/static/img/footer-social-network.png
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
97b77869d4b1030aeb4b0e58ebb4997a1766d09335140903c6e791734a79034f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/serve.php?file=firstLevel/header,firstLevel/headerInner,social/login,standardLogin/login,firstLevel/footer,welcome&lang=spa

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"1083a5d-23bc-606f3c4646f80"
Accept-Ranges
bytes, bytes
Content-Length
9148
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Thu, 05 Oct 2023 08:18:22 GMT
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,300italic,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://fonts.googleapis.com/

Response headers

age
150630
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:22:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:22:41 GMT
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14780
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
6909511
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/31/2023 19:08:24
cdn-cache
HIT
priority
u=0,i=?0
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
252412
cdn-proxyver
1.04
accept-ranges
bytes
content-length
77160
cdn-edgestorageid
752
server
cloudflare
cdn-requestcountrycode
US
date
Fri, 20 Dec 2024 09:13:11 GMT
vary
Accept-Encoding
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requesttime
0
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1edc5a3a317c651d38e27c97056c2d0a
cross-origin-resource-policy
cross-origin
cf-ray
8f4e83d7ad471992-FRA
access-control-allow-origin
*
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,300italic,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
c5bf2b44104c6ae4bdc5ccaf16169c7d3bf8ea750cdde9cae7cc6dd0973a0dd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://fonts.googleapis.com/

Response headers

age
298034
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 22:25:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 22:25:57 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14104
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,300italic,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://fonts.googleapis.com/

Response headers

age
62232
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 15:55:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:55:59 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
he-man_all.min.js
trk.nominalia.com/js/
231 KB
90 KB
Script
General
Full URL
https://trk.nominalia.com/js/he-man_all.min.js?v=2.1.49&ma=ma_enabled
Requested by
Host: trk.nominalia.com
URL: https://trk.nominalia.com/js/trk_standalone.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
ac7d595fd9cf31c3c58da8a63e7a0278b13675b3964863beafc2fd53d1650b0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"67600ead-39a19"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
application/javascript
Last-Modified
Mon, 16 Dec 2024 11:27:41 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 4234
0
0
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4a89bef20000640005048578
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://controlpanel.nominalia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
19327
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 20 Dec 2024 03:51:04 GMT
etag
W/"246fe79bdfb2a528838ac6b26c7d63f6"
last-modified
Mon, 09 Dec 2024 08:25:53 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
vary
accept-encoding
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id
JdF8aPYRrfsUU-q5K_wY6l2kAFg89EOMaAIkNJis4PUecwldYOLT4Q==
x-amz-cf-pop
FRA56-P4
x-amz-meta-cache-control
max-age=86400
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
glyphicons-halflings-regular.woff
controlpanel.nominalia.com/static/fonts/
23 KB
23 KB
Font
General
Full URL
https://controlpanel.nominalia.com/static/fonts/glyphicons-halflings-regular.woff
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://controlpanel.nominalia.com
Referer
https://controlpanel.nominalia.com/welcome.html

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"46166d-5b18-5f4a6e805dc80"
Accept-Ranges
bytes, bytes
Content-Length
23320
Date
Fri, 20 Dec 2024 09:13:11 GMT
Last-Modified
Tue, 14 Feb 2023 11:02:58 GMT
Content-Type
application/x-font-woff
X-Frame-Options
SAMEORIGIN
cmp_iub_style.min.css
srv.cmp-teamblue.services/js/
12 KB
12 KB
Stylesheet
General
Full URL
https://srv.cmp-teamblue.services/js/cmp_iub_style.min.css?v=1.1.21
Requested by
Host: srv.cmp-teamblue.services
URL: https://srv.cmp-teamblue.services/js/cmp_all.min.js?v=1.1.21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
256a128af4351048595847d416b562bb0b8c57c3164b20a72d345d8a117604b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

ETag
"67161f60-2fee"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Accept-Ranges
bytes
Content-Length
12270
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
text/css
Last-Modified
Mon, 21 Oct 2024 09:31:12 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
iubenda_cs.js
cdn.iubenda.com/cs/
2 KB
1 KB
Script
General
Full URL
https://cdn.iubenda.com/cs/iubenda_cs.js?v=1.1.21
Requested by
Host: srv.cmp-teamblue.services
URL: https://srv.cmp-teamblue.services/js/cmp_all.min.js?v=1.1.21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Netherlands, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-AMS1-879 /
Resource Hash
c16f492ea7f86e5fa6e96524a34535c9941c869b0605ec1376f56897cb1efc84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cdn-status
200
content-encoding
br
etag
"675ffdb9-2c4"
expires
Mon, 16 Dec 2024 12:51:06 GMT
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
date
Fri, 20 Dec 2024 09:13:11 GMT
last-modified
Mon, 16 Dec 2024 10:15:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains
cdn-cachedat
12/16/2024 11:51:06
cache-control
public, must-revalidate, proxy-revalidate, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid
4097cb2b469d328e3bee89865ea49910
cdn-pullzone
954456
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1056
server
BunnyCDN-AMS1-879
cdn-requestcountrycode
IT
anchor
www.google.com/recaptcha/api2/ Frame DB0E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc0d5wUAAAAAI19ULrgr5-LFrPP0Nx3AMrKm4_H&co=aHR0cHM6Ly9jb250cm9scGFuZWwubm9taW5hbGlhLmNvbTo0NDM.&hl=es&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&sa=login_pdc&cb=sn1rn1mwbkzd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__es.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_HBIFjvubwjt8F8e1J6zrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlpanel.nominalia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_HBIFjvubwjt8F8e1J6zrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 09:13:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
he-man_server
trk.nominalia.com/server/
0
2 KB
Image
General
Full URL
https://trk.nominalia.com/server/he-man_server?tkq=dHJrQ19lU0YlM0Rjb250cm9scGFuZWwubm9taW5hbGlhLmNvbSUyNTJGd2VsY29tZS5odG1sJTI2dHJrQ19lU1VCJTNEY29udHJvbHBhbmVsLm5vbWluYWxpYS5jb20lMjZjRE9NJTNELm5vbWluYWxpYS5jb20lMjZ0cmtDX2VIUiUzRCUyNnRya0NfZVVBJTNETW96aWxsYSUyNTJGNS4wJTI1MjAlMjhYMTElMjUzQiUyNTIwTGludXglMjUyMHg4Nl82NCUyOSUyNTIwQXBwbGVXZWJLaXQlMjUyRjUzNy4zNiUyNTIwJTI4S0hUTUwlMjUyQyUyNTIwbGlrZSUyNTIwR2Vja28lMjklMjUyMENocm9tZSUyNTJGMTMxLjAuMC4wJTI1MjBTYWZhcmklMjUyRjUzNy4zNiUyNnRya0NfbGFuJTNEaXQlMjZ0cmtDX2VRUyUzRCUyNnRya0NfZnJhZ21lbnQlM0QlMjZlUEFHVkFSUyUzRGJXRWxNMFF4SlRJMmRISnJRMTlzYjJkblpXUWxNMFF3SlRJMmRISnJRMTlvWVhOb0pUTkVNVGN6TkRZNE5UazVNVGN3TVY5eWJqWnZlbU42YTI5Nlh6RnpNemx0ZURFbE1qWjBjbXREWDNCeWNTVXpSREFsTWpaMGNtdERYMlZSVXlVelJBJTI1M0QlMjUzRCUyNnRya19pbnRlcm5hbCUzRGZhbHNlJTI2c2V0TWFpbkNvb2tpZXMlM0R0cnVl
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Transfer-Encoding
chunked
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
he-man_messages
trk.nominalia.com/messages/
0
345 B
Image
General
Full URL
https://trk.nominalia.com/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE3MzQ2ODU5OTE3MDFfcm42b3pjemtvel8xczM5bXgxJTIyJTJDJTIyZG9tYWluJTIyJTNBJTIybm9taW5hbGlhLmNvbSUyMiUyQyUyMmZpZWxkJTIyJTNBJTIybWF0aCUyMiUyQyUyMm1vZGUlMjIlM0ElMjJzZXQlMjIlMkMlMjJtZXNzYWdlJTIyJTNBJTdCJTIydHJhY2tlcl92ZXJzaW9uJTIyJTNBJTIyMi4xLjQ5JTIyJTJDJTIycXMlMjIlM0ElN0IlN0QlMkMlMjJwYWdlJTIyJTNBJTIyY29udHJvbHBhbmVsLm5vbWluYWxpYS5jb20vd2VsY29tZS5odG1sJTIyJTJDJTIydXNlcl9hZ2VudCUyMiUzQSUyMk1vemlsbGEvNS4wJTIwJTI4WDExJTNCJTIwTGludXglMjB4ODZfNjQlMjklMjBBcHBsZVdlYktpdC81MzcuMzYlMjAlMjhLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyUyOSUyMENocm9tZS8xMzEuMC4wLjAlMjBTYWZhcmkvNTM3LjM2JTIyJTJDJTIydHJrX2ludGVybmFsJTIyJTNBZmFsc2UlMkMlMjJyZXNvbHV0aW9uJTIyJTNBJTdCJTIyaGVpZ2h0JTIyJTNBMTIwMCUyQyUyMndpZHRoJTIyJTNBMTYwMCU3RCUyQyUyMmZwJTIyJTNBJTIyMWY1MTAwZTk1ZDIzNjI0N2Q5MjVkYzAxNTMzYzdmMjclMjIlN0QlN0Q=
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Transfer-Encoding
chunked
Date
Fri, 20 Dec 2024 09:13:11 GMT
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
core-es.js
cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/
354 KB
70 KB
Script
General
Full URL
https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-es.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js?v=1.1.21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Netherlands, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-AMS1-879 /
Resource Hash
c42918d3dad2e21dd4e055f2c8628b8dec51e4208226371c255767d1244298b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cdn-status
200
content-encoding
br
etag
"675ffdb8-11367"
expires
Tue, 16 Dec 2025 13:14:23 GMT
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
date
Fri, 20 Dec 2024 09:13:11 GMT
last-modified
Mon, 16 Dec 2024 10:15:20 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains
cdn-cachedat
12/16/2024 13:14:23
cache-control
public, must-revalidate, proxy-revalidate, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid
26d110845768d19d78244d605a7615d4
cdn-pullzone
954456
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1056
server
BunnyCDN-AMS1-879
cdn-requestcountrycode
IT
js
www.googletagmanager.com/gtag/
417 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GS6SVFHYCG&l=dataLayer&cx=c&gtm=45He4cc1v71069426za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQXFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41ff4502da39801b78ebc40b3fb0c7b6b5e31c6cdd52697b85b6b364e4c81e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136491
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-g1YhVwHQ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-g1YhVwHQ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=23, mss=1232, tbw=4482, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
zgEMiGrDJQA729rK3Oznou6xb7R2j4dCP5g1hLTG7C+b0SDnREDBXG+EXd9mGc6/gQVZV4NQJ/ny1RMVL6dTuw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
be.js
tracker.metricool.com/resources/
379 B
2 KB
Script
General
Full URL
https://tracker.metricool.com/resources/be.js
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
69844
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7wTtBGY9r%2B2HFA%2FOYVE522ID%2F1QxEZml1tkmVHxC%2FXGMCJwzXD5DiaGymY%2BSm7wGrWEG1L8UwdWM%2FjMBHKaaNNl1WxnBO0uyq1j9UXOYG8Bs5BCCIpkTmRZCLanmolCjNXBZu0ssg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 13:49:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38832&min_rtt=38794&rtt_var=14624&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4282&recv_bytes=4246&delivery_rate=83676&cwnd=12000&unsent_bytes=0&cid=db51e9b3e9357951&ts=58&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 07:05:38 GMT
vary
Accept-Encoding
priority
u=3,i=?0
content-security-policy
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f4e83d93d591c60-FRA
server
cloudflare
js
www.googletagmanager.com/gtag/
285 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1064193948
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQXFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1216cf751386d5a8dda8d3a92e63734e7070845f79d4866b1e4baa1612ccc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100822
x-xss-protection
0
server
Google Tag Manager
o12isykub4
www.clarity.ms/tag/
739 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/o12isykub4?ref=gtm2
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3301d4877d87d96117d66bc26bd4fe655f91143a2cc956e374f1acadbd5de6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
739
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/x-javascript
x-azure-ref
20241220T091311Z-17f56c4b8656k7rmhC1FRA6zmw0000000ad000000000ganh
c3po.jpg
tracker.metricool.com/
70 B
2 KB
Image
General
Full URL
https://tracker.metricool.com/c3po.jpg?hash=e8aa786226f4bb04c6489323a7e95d3c&u=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&bw=1600&bh=1200
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlQwzsLMcOvWN%2BAL9yLQvXVfx994f3fgAhu7Ew1sjnH2dGbrxI9ga1xPf4hM80tY4WjWFlYvPrUAeQdUD2S8ae%2FSPVmBp6AvSOgdSVrtcKofeg9etQmOzsyvT%2F0UnivYDzEiJSOkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41013&min_rtt=34771&rtt_var=11166&sent=16&recv=12&lost=0&retrans=0&sent_bytes=6656&recv_bytes=4846&delivery_rate=605&cwnd=12000&unsent_bytes=0&cid=db51e9b3e9357951&ts=140&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f4e83d98d991c60-FRA
server
cloudflare
destination
www.googletagmanager.com/gtag/
428 KB
136 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-M05VCCK8H1&l=dataLayer&cx=c&gtm=45je4cc1v9130502658za200zb71069426
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS6SVFHYCG&l=dataLayer&cx=c&gtm=45He4cc1v71069426za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b87a22c037c35668dc6c25bdebf4cf03f57761c4e8778be0667fd03c1d245b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 20 Dec 2024 09:13:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
138996
x-xss-protection
0
server
Google Tag Manager
68031966.js
cs.iubenda.com/cookie-solution/confs/js/
228 B
758 B
Script
General
Full URL
https://cs.iubenda.com/cookie-solution/confs/js/68031966.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-es.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1206 /
Resource Hash
948eb7955838aed4557b2ca2a32a4de23226b708ba1c90b8377e37428621f879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cdn-status
200
content-encoding
br
etag
"6703b293-e4"
expires
Mon, 07 Oct 2024 12:43:58 GMT
date
Fri, 20 Dec 2024 09:13:12 GMT
last-modified
Mon, 07 Oct 2024 10:06:11 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains
cdn-cachedat
10/07/2024 11:43:58
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid
044399f764124155652f54dfb1f41113
access-control-allow-credentials
true
cdn-pullzone
1019485
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1206
server
BunnyCDN-IL1-1206
cdn-requestcountrycode
IT
610268905737747
connect.facebook.net/signals/config/
70 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/610268905737747?v=2.9.179&r=stable&domain=controlpanel.nominalia.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e13efc4489744b3c49969373abc50ef7f613ff3a951112b759f1ab12c292caf2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dZbikJvr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dZbikJvr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=77, mss=1232, tbw=70498, tp=65, tpl=0, uplat=114, ullat=0
pragma
public
x-fb-debug
zJZSZaPCSl+CNdiQAHfWCohFrf4y0/dDgPREzLCnNMVhnK2IocLbs/ulclbQCuIglhqaRXQBAm0AbhHwLTryNw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/o12isykub4?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

x-azure-ref
20241220T091312Z-17f56c4b8656k7rmhC1FRA6zmw0000000ad000000000ganu
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD202F1480E82A"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
fecc4d09-801e-0067-666d-523e27000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 19 Dec 2024 13:14:33 GMT
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=610268905737747&ev=PageView&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&rl=&if=false&ts=1734685992146&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734685992145.19400719487379336&ler=empty&cdl=API_unavailable&it=1734685991968&coo=false&rqm=GET
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4531, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=610268905737747&ev=PageView&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&rl=&if=false&ts=1734685992146&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734685992145.19400719487379336&ler=empty&cdl=API_unavailable&it=1734685991968&coo=false&rqm=FGET
Requested by
Host: controlpanel.nominalia.com
URL: https://controlpanel.nominalia.com/welcome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450419605864703357"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x922617519e9b7c25","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["6127029224037433"]},"debug_reporting":true,"debug_key":"3609630992000606633"}
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
tOf9S5tuYp7kw1JqLAaTLSLoNWzGaOpX46qOOcy2fuoiKUBYLjEHvj4w2PmKj6ut1cneQEsJq3RVOqIgTcNgvQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450419605864703357", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4899, tp=13, tpl=0, uplat=166, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
o.clarity.ms/
0
290 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://controlpanel.nominalia.com/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://controlpanel.nominalia.com
Date
Fri, 20 Dec 2024 09:13:12 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&RedC=c.clarity.ms&MXFR=3177C63D948560B5266BD36690856E3B
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&MUID=02DC3BA2678B61902BC72EF96631609E
42 B
440 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&MUID=02DC3BA2678B61902BC72EF96631609E
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5F58E2E407148BE98F447866E2BDFB0&MUID=02DC3BA2678B61902BC72EF96631609E
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 36359B7021E7468F99D662C04A731ADD Ref B: ZRHEDGE1715 Ref C: 2024-12-20T09:13:12Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 20 Dec 2024 09:13:12 GMT
x-powered-by
ASP.NET
favicon.ico
www.nominalia.com/
1 KB
2 KB
Other
General
Full URL
https://www.nominalia.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
35e08c44fa137aa0bff2f24305cfd91b381218435d53351480ad626cbd2b58d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
ETag
"10231ad-47e-5f4a82d2a8e40"
Accept-Ranges
bytes, bytes
Content-Length
1150
Date
Fri, 20 Dec 2024 09:13:12 GMT
Last-Modified
Tue, 14 Feb 2023 12:33:53 GMT
Vary
X-Forwarded-Proto
Content-Type
image/vnd.microsoft.icon
X-Frame-Options
SAMEORIGIN
csdata
idb.iubenda.com/
0
607 B
XHR
General
Full URL
https://idb.iubenda.com/csdata?db=hits1
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-es.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://controlpanel.nominalia.com/

Response headers

access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
date
Fri, 20 Dec 2024 09:13:12 GMT
cdn-cachedat
12/20/2024 09:13:12
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cdn-requestpullcode
204
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
x-influxdb-build
OSS
access-control-allow-credentials
true
cdn-pullzone
967785
cdn-proxyver
1.06
cdn-requestid
a158ae6d8bd31026543d00de98a99e0f
access-control-allow-origin
*
x-influxdb-version
v2.7.5
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
IT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GS6SVFHYCG&gtm=45je4cc1v9130502658z871069426za200zb71069426&_p=1734685991544&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1201564321.1734685993&ecid=1743255690&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1734685991&sct=1&seg=0&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&dt=Panel%20de%20Control&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS6SVFHYCG&l=dataLayer&cx=c&gtm=45He4cc1v71069426za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlpanel.nominalia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
text/plain
server
Golfe2
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&scrsrc=www.googletagmanager.com&frm=0&rnd=1261116886.1734685993&navt=n&npa=1&gtm=45be4cc1v9178224217za200&gcs=G100&gcd=13q3qPq2q5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734685992524&tfd=1778&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064193948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M05VCCK8H1&gtm=45je4cc1v889955418z871069426za200zb9130502658&_p=1734685991544&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1201564321.1734685993&ecid=1954812674&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1734685992&sct=1&seg=0&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&dt=Panel%20de%20Control&en=undefined&_fv=1&_ss=1&tfd=1785
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-M05VCCK8H1&l=dataLayer&cx=c&gtm=45je4cc1v9130502658za200zb71069426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlpanel.nominalia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M05VCCK8H1&gtm=45je4cc1v889955418z871069426za200zb9130502658&_p=1734685991544&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1201564321.1734685993&ecid=1954812674&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=YA&_s=2&cu=euro&sid=1734685992&sct=1&seg=0&dl=https%3A%2F%2Fcontrolpanel.nominalia.com%2Fwelcome.html&dt=Panel%20de%20Control&en=purchase&_c=1&pr1=k0product_code~v0Producto%201~k1bundle_id~v1P001~pr50.00~caCategor%C3%ADa%201~qt2&pr2=k0product_code~v0Producto%202~k1bundle_id~v1P002~pr25.00~caCategor%C3%ADa%202~qt1&ep.transaction_code=1234&ep.promotion_code=xxx&ep.value=100.00&ep.tax=10.00&ep.duration_type=yearly&ep.domain=montseherrero.com&_et=2&tfd=1788
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-M05VCCK8H1&l=dataLayer&cx=c&gtm=45je4cc1v9130502658za200zb71069426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlpanel.nominalia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 09:13:12 GMT
content-type
text/plain
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 5B65
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fcontrolpanel.nominalia.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064193948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
167819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 10:36:13 GMT
expires
Thu, 18 Dec 2025 10:36:13 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
he-man_messages
trk.nominalia.com/messages/
0
345 B
Image
General
Full URL
https://trk.nominalia.com/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE3MzQ2ODU5OTE3MDFfcm42b3pjemtvel8xczM5bXgxJTIyJTJDJTIyZG9tYWluJTIyJTNBJTIybm9taW5hbGlhLmNvbSUyMiUyQyUyMmZpZWxkJTIyJTNBJTIycGVyZm9ybWFuY2UlMjIlMkMlMjJtb2RlJTIyJTNBJTIyc2V0JTIyJTJDJTIybWVzc2FnZSUyMiUzQSU3QiUyMnRpbWluZ3MlMjIlM0ElN0IlMjJwYWdlTG9hZFRpbWUlMjIlM0ExNjU4JTJDJTIyY29ubmVjdFRpbWUlMjIlM0ExODclMkMlMjJyZW5kZXJUaW1lJTIyJTNBMTE2NyU3RCUyQyUyMnJlc291cmNlcyUyMiUzQSU3QiUyMm51bWJlciUyMiUzQTUwJTJDJTIyc2l6ZSUyMiUzQTQ1NzE4NCU3RCUyQyUyMnBhZ2UlMjIlM0ElMjJjb250cm9scGFuZWwubm9taW5hbGlhLmNvbS93ZWxjb21lLmh0bWwlMjIlMkMlMjJ1c2VyX2FnZW50JTIyJTNBJTIyTW96aWxsYS81LjAlMjAlMjhYMTElM0IlMjBMaW51eCUyMHg4Nl82NCUyOSUyMEFwcGxlV2ViS2l0LzUzNy4zNiUyMCUyOEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvJTI5JTIwQ2hyb21lLzEzMS4wLjAuMCUyMFNhZmFyaS81MzcuMzYlMjIlN0QlN0Q=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS REGISTER S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://controlpanel.nominalia.com/

Response headers

Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Transfer-Encoding
chunked
Date
Fri, 20 Dec 2024 09:13:12 GMT
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
collect
o.clarity.ms/
0
290 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://controlpanel.nominalia.com/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://controlpanel.nominalia.com
Date
Fri, 20 Dec 2024 09:13:13 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.nominalia.com
URL
https://www.nominalia.com/404.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Register.it (Online)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dp_common object| hierarch function| googleTrackEvent function| addCsrfInputToFormsIfMissed function| isInternalCall function| captchaFormCompleted object| CMP object| _dadaq object| TRK object| trk_ext function| start_tracker object| trk_dada function| gtag object| dataLayer object| Trustpilot object| cmp_api object| _iub object| closure_lm_609081 object| regeneratorRuntime object| trkcookie object| trk_math object| trk_ma object| lts_cookie object| session_cookie object| internal_cookie function| sendTrackerEvent function| track_page object| google_tag_manager object| google_tag_data function| dataTrackClick function| fbq function| _fbq function| loadScript function| clarity object| beTracker function| onYouTubeIframeAPIReady object| gaGlobal

21 Cookies

Domain/Path Name / Value
.nominalia.com/ Name: dpsid
Value: 9105upo3b9av4akl317b800mv7
.controlpanel.nominalia.com/ Name: TS012eaf72
Value: 01d0708b126bd13b4fff830ed73791aeaddc0f380a38bf5bba9ad4b857b088fdc6ad3559922fdee272fa8df33c65e89adddeb49be5e3c373ecc5797d09bc8d00f8b97348ea
.www.nominalia.com/ Name: TS018f422a
Value: 01d0708b1204fdf8660474a0b8d48dbceddb93e7112865dc337a27b353e1e48947cda9cacf81f84afcfc80b51c89ad7d0e88816203
.trk.nominalia.com/ Name: TS01650512
Value: 01d0708b1204fdf8660474a0b8d48dbceddb93e7112865dc337a27b353e1e48947cda9cacf81f84afcfc80b51c89ad7d0e88816203
.nominalia.com/ Name: _wicasa
Value: JSON_eyJjaWQiOiJhZmQ1M2NiNzIwZDcxOGEzZDBiYzFiMjk5MTljNGQzOCIsImNrdGltZSI6IjE3MzQ2ODU5OTEiLCJzY3AiOiIxIiwicGsiOiJBMDAiLCJja2Jvcm4iOiIxNzM0Njg1OTkxIiwibGFzdHJlZiI6ImNvbnRyb2xwYW5lbC5ub21pbmFsaWEuY29tXC93ZWxjb21lLmh0bWwiLCJsYXN0ZG9tc3JjIjoiIiwiaXNjbGkiOiIwIn0%3D
.nominalia.com/ Name: _ashkii
Value: JSON_eyJzaWQiOiJhZmQ1M2NiNzIwZDcxOGEzZDBiYzFiMjk5MTljNGQzOCIsImNrdGltZSI6IjE3MzQ2ODU5OTEiLCJzc3AiOiIxIiwicHAiOiJBMDAifQ%3D%3D
.nominalia.com/ Name: cookid
Value: afd53cb720d718a3d0bc1b29919c4d38
.nominalia.com/ Name: dbmFP
Value: afd53cb720d718a3d0bc1b29919c4d38.A00
.nominalia.com/ Name: dbmPK
Value: afd53cb720d718a3d0bc1b29919c4d38.A00
.nominalia.com/ Name: TS015d92a0
Value: 01d0708b127da24458b785c18e7b7a75700f3b03b638bf5bba9ad4b857b088fdc6ad3559925937d99bde27c9b50d5ceaa47ea8c9b197532e0bf829e1414b0baccd200bea372b0b4829934f96aa8b5b83b9114e92ffaa940c446f89e3f8b186b9bf4efba755f896e2a7a33cac21202926868157512804c1c3ac50cde057e06910a9af5dfc7f71b28ae02b57bdf0ebe51505481ec690
www.clarity.ms/ Name: CLID
Value: f4ab5bcb3b7441eb9436ceab87b28f56.20241220.20251220
.nominalia.com/ Name: _clck
Value: 1568guf%7C2%7Cfrv%7C0%7C1815
.nominalia.com/ Name: _fbp
Value: fb.1.1734685992145.19400719487379336
.nominalia.com/ Name: _clsk
Value: qlxxot%7C1734685992729%7C1%7C1%7Co.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 02DC3BA2678B61902BC72EF96631609E
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 02DC3BA2678B61902BC72EF96631609E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 02DC3BA2678B61902BC72EF96631609E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://controlpanel.nominalia.com/welcome.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://controlpanel.nominalia.com/welcome.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A03722F4110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.iubenda.com
cdn.teamblue.services
connect.facebook.net
controlpanel.nominalia.com
cs.iubenda.com
fonts.googleapis.com
fonts.gstatic.com
idb.iubenda.com
netdna.bootstrapcdn.com
o.clarity.ms
pagead2.googlesyndication.com
region1.google-analytics.com
srv.cmp-teamblue.services
tracker.metricool.com
trk.nominalia.com
widget.trustpilot.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nominalia.com
www.nominalia.com
104.18.11.207
13.74.129.1
142.250.185.67
142.250.186.132
157.240.0.35
157.240.0.6
172.217.16.200
172.217.23.98
172.67.72.173
2001:4860:4802:32::36
2400:52e0:1a00::1206:2
2400:52e0:1e00::1081:1
2400:52e0:1e01::879:1
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2003
52.152.143.207
52.222.236.60
81.88.57.79
81.88.58.195
04dfbe2180b5cc069f7ef1ea3beb46549e3598957518245ab8269f5fc42380e5
083ffbb5861a57cf4f989e772d0abfda8ee7fc1a52d0bc0a5d485b6e0f20ea56
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
256a128af4351048595847d416b562bb0b8c57c3164b20a72d345d8a117604b2
28e56b80ff8f737648c27d108b8d66375c59d41dc99fbe04c4f1e8a28d56281d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3322e501f6f4fd67e699b8bcdb760441348f0880406bed1f57c163bdd920079b
338bdf9c4446455369ed41fbcbee7cdb1944b938225e7b5600cd79d689b4e167
35e08c44fa137aa0bff2f24305cfd91b381218435d53351480ad626cbd2b58d3
388bf7deb6289394a3165eb5bfd0219ef8f33a95ba3f3038e4ac367143c2f24b
3a8ed95956c538aa7126204c93d5911eecad83a8d47bfdec2c491bee313e0c67
3bd185a53638a20a7ab96d8ecd1ce355e78af3e3c9300ea473c91f40dcf9e25b
41ff4502da39801b78ebc40b3fb0c7b6b5e31c6cdd52697b85b6b364e4c81e77
448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12
625bb6b43d7db740f36142781328839755e3dbff27c169c946dcd903b9121809
6cb84ba2c69f18ec3d1aa6528d61f6e5c9b702ef0bcecc67dae190ccb5c76583
722c7a352a986df943de844781a8b1a807778b6bf3ac809b9d4f3d039a98823c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7fc7096a9970f725c02b9fc4d315ca91fe9027964697b6a488eccd12b5cbdfe1
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
948eb7955838aed4557b2ca2a32a4de23226b708ba1c90b8377e37428621f879
97b77869d4b1030aeb4b0e58ebb4997a1766d09335140903c6e791734a79034f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac7d595fd9cf31c3c58da8a63e7a0278b13675b3964863beafc2fd53d1650b0c
b137cacd2117b97e93627cec4f01b023cf3e218110ebd6eb4041023f0a99a798
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
b87a22c037c35668dc6c25bdebf4cf03f57761c4e8778be0667fd03c1d245b0e
c1216cf751386d5a8dda8d3a92e63734e7070845f79d4866b1e4baa1612ccc0c
c16f492ea7f86e5fa6e96524a34535c9941c869b0605ec1376f56897cb1efc84
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c42918d3dad2e21dd4e055f2c8628b8dec51e4208226371c255767d1244298b2
c575daf05f43b83d45f655498095ebdd12cc10eca79c1c2fea0dfe51f508b651
c5bf2b44104c6ae4bdc5ccaf16169c7d3bf8ea750cdde9cae7cc6dd0973a0dd0
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
c7630e92fded36aa312aed27980544c81461433863825aa640eac4c07b916a71
d3301d4877d87d96117d66bc26bd4fe655f91143a2cc956e374f1acadbd5de6b
e13efc4489744b3c49969373abc50ef7f613ff3a951112b759f1ab12c292caf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6584f14d4039a010b9e2b3d1ec27c6dbf47ee65d9eea3412f4146d64e1b5f93
e6975f0df36c8c2662da721d92776b93a22a4a2f1ae2a75706052325daf9111d
f0814d0f36cb15079b2d66d976e2c43d0017ad8a2d8a26567ebb109860bcb924
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f4c605acdcfefef3957bceab8932639ee759766bf89efec9e64c5bdb7b4b1156
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e