www.thenorthman.com Open in urlscan Pro
159.203.87.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thenorthman.com//
Effective URL:
https://www.thenorthman.com//
Submission: On October 12 via api (October 12th 2024, 3:17:21 am UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 39 HTTP transactions. The main IP is 159.203.87.220, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.thenorthman.com.
TLS certificate: Issued by cPanel, Inc. ECC Certification Authority on September 8th 2024. Valid for: 3 months.

This is the only time www.thenorthman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	159.203.87.220 159.203.87.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 3	44.225.221.34 44.225.221.34	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	52.26.158.71 52.26.158.71	() ()
39	12

19 159.203.87.220 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: intrinsicchicago.com

www.thenorthman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.225.221.34 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-221-34.us-west-2.compute.amazonaws.com

my.zenreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.26.158.71 (None, )

ASN- ()

wifa.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	thenorthman.com www.thenorthman.com	2 MB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643 www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
3	zenreach.com 1 redirects my.zenreach.com — Cisco Umbrella Rank: 514511	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	264 KB
2	wifa.st wifa.st	1 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	557 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	rlcdn.com di.rlcdn.com — Cisco Umbrella Rank: 3218
1	gstatic.com fonts.gstatic.com	47 KB
39	11

	Domain	Requested by
19	www.thenorthman.com	www.thenorthman.com
3	www.google-analytics.com	my.zenreach.com www.google-analytics.com
3	my.zenreach.com	1 redirects www.thenorthman.com my.zenreach.com
3	www.googletagmanager.com	www.thenorthman.com www.google-analytics.com
2	wifa.st	my.zenreach.com wifa.st
2	fonts.googleapis.com	www.thenorthman.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	di.rlcdn.com	my.zenreach.com
1	fonts.gstatic.com	fonts.googleapis.com
39	13

This site contains links to these domains. Also see Links.

Domain
contact.thenorthman.com
www.facebook.com
twitter.com
www.instagram.com
www.toasttab.com
www.facesofchi.com
www.northmancider.com
www.intrinsicchicago.com

Subject Issuer	Validity	Valid
thenorthman.com cPanel, Inc. ECC Certification Authority	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
my.zenreach.com Amazon RSA 2048 M03	`2024-01-29` - `2025-02-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.de WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
wifa.st Amazon RSA 2048 M02	`2024-03-18` - `2025-04-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.thenorthman.com//
Frame ID: BF5ED8DBA8BA230CB2FCB66A39CD98F9
Requests: 36 HTTP requests in this frame

Frame: https://di.rlcdn.com/710344.html?pdata=widgetId%3D94f434aa-0174-4814-a552-da1af44715ab
Frame ID: DB052E082F6EBDCD8C872FF67175D63B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-C9VZSQJW1B&gacid=1743410903.1728703036&gtm=45je4a90v9126291584za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=1949003277
Frame ID: 29365D6568967B21F1CC6802B1CC136E
Requests: 1 HTTP requests in this frame

Frame: https://my.zenreach.com/widgetform/?id=94f434aa-0174-4814-a552-da1af44715ab
Frame ID: 400052A3E8ACDFFC286CED4506427D1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Northman Beer & Cider Garden

Page URL History Show full URLs

http://www.thenorthman.com// HTTP 307
https://www.thenorthman.com// Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Page Statistics

39
Requests

100 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

2383 kB
Transfer

3840 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://contact.thenorthman.com/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thenorthmanriverwalk

Search URL Search Domain Scan URL

URL: https://twitter.com/the_riverwalk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenorthmanriverwalk/

Search URL Search Domain Scan URL

URL: https://www.toasttab.com/the-northman-beer-and-cider-garden/giftcards
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.facesofchi.com/post/cider

Search URL Search Domain Scan URL

URL: https://www.northmancider.com/

Search URL Search Domain Scan URL

URL: https://www.intrinsicchicago.com/
Title: Intrinsic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thenorthman.com// HTTP 307
https://www.thenorthman.com// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://my.zenreach.com/widgetform?id=94f434aa-0174-4814-a552-da1af44715ab HTTP 301
https://my.zenreach.com/widgetform/?id=94f434aa-0174-4814-a552-da1af44715ab

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.thenorthman.com//
Redirect Chain

http://www.thenorthman.com//
https://www.thenorthman.com//

29 KB
29 KB

1022ms
180ms

Document
text/html

159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 3485ff3478a5b2f6da8d3b64ee22ab08ff593cfb1fe800a5c0bf642b51c17df9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Oct 2024 03:17:15 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Transfer-Encoding: chunked

Redirect headers

Location: https://www.thenorthman.com//
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
101 KB 53ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LGRXXWDRXF

Requested by

Host: www.thenorthman.com
URL: https://www.thenorthman.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20c120ced1e8f20191adddc84f8d3db0b2b0e3254dd4ce17e6963a47f80f25ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 03:17:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102223
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK theme.css
www.thenorthman.com//assets/css/ 344 KB
48 KB 166ms
105ms Stylesheet
text/css 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//assets/css/theme.css
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 9144b90809301fae47a78b9c1d4bc228ced87fb49b7eaca2baaca24b8f00b4ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

Content-Encoding: gzip
ETag: "2c1439-561f0-5dd8467db5fc8-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 48964
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Tue, 26 Apr 2022 01:13:51 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: text/css

GET
H/1.1 200
OK glightbox.min.css
www.thenorthman.com//assets/vendors/glightbox/ 14 KB
3 KB 275ms
94ms Stylesheet
text/css 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//assets/vendors/glightbox/glightbox.min.css
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 84e5069617de6f0159280e561056b9e30f5100b9df1339396764cc8e8371e7db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

Content-Encoding: gzip
ETag: "2de548-37c4-5dcf2acad1d40-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2628
Keep-Alive: timeout=5, max=100
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:22:00 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: text/css

GET
H/1.1 200
OK theme.min.css
www.thenorthman.com//assets/css/ 308 KB
46 KB 304ms
113ms Stylesheet
text/css 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//assets/css/theme.min.css
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: a56d38ee92b9e57fbd44269022ee0af987314d12f40d24a67e8b1a6b613e5f58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

Content-Encoding: gzip
ETag: "2c143a-4cf86-5dcf2ab74c068-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 46667
Keep-Alive: timeout=5, max=100
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:40 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: text/css

GET
H/1.1 200
OK logolightriver.png
www.thenorthman.com//assets/img/logo/ 13 KB
13 KB 299ms
105ms Image
image/png 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/logo/logolightriver.png
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 18fb0021d42a72244a248fe2437d711e5315ebbb191f09804d6bd3ad6da4d98d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2dd318-3269-5dcf2ac8f44a0"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12905
Keep-Alive: timeout=5, max=100
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:58 GMT
Content-Type: image/png
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK indexhead.jpg
www.thenorthman.com//assets/img/ 348 KB
348 KB 300ms
100ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/indexhead.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: eb869cff7f9b5513aa1cecf953a6bbf18c6b245f8ed7ff3d6f187b9302d339ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c1471-56fa2-5dcf2aba60d80"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 356258
Keep-Alive: timeout=5, max=100
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:43 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4CNQR7

Requested by

Host: www.thenorthman.com
URL: https://www.thenorthman.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ca9d0a5aecb9bea4384058e3d20aeacdaf868de2ae208cbb2e3c7bdec061269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 12 Oct 2024 03:17:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 69312
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ciderhand.jpg
www.thenorthman.com//assets/img/ 82 KB
82 KB 99ms
99ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/ciderhand.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: a4884efe84cc0c42302a4ebd1b463e06965a7313fb7d553285739f054c2862e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c145b-146d0-5dcf2ab8cefd0"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83664
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:41 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK pretz.jpg
www.thenorthman.com//assets/img/ 155 KB
155 KB 100ms
99ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/pretz.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 1a39a0843e8e71821f5d4ff3697dd6082d889b675b33af803728d1d47a309cd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c147c-26a99-5dcf2abb13cc8"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 158361
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:44 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK riverround.png
www.thenorthman.com//assets/img/ 62 KB
63 KB 543ms
542ms Image
image/png 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/riverround.png
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: c11a3d4b5ce1e228a54de6c6a184c0ed973db1b9986a26601658719b39a70ef6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c147e-f950-5dcf2abb31570"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 63824
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:44 GMT
Content-Type: image/png
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK foodslashindex.jpg
www.thenorthman.com//assets/img/ 61 KB
61 KB 102ms
102ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/foodslashindex.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 13f2a4d9592c4b6457744c8ba985d23693800a0580a785524a87ce37f3402b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c1469-f328-5dcf2ab9e2228"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 62248
Keep-Alive: timeout=5, max=100
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:43 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK glasses.jpg
www.thenorthman.com//assets/img/ 61 KB
61 KB 99ms
98ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/glasses.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 70d2fa39d4d8aa3f2b72454c7015e77779d3bb4ada40b8510b65d89d504a113d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c146f-f390-5dcf2aba3ee88"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 62352
Keep-Alive: timeout=5, max=98
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:43 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK event.jpg
www.thenorthman.com//assets/img/ 79 KB
80 KB 94ms
94ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/event.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: ddaa0def7d34b19df4737f5c9ac18191cdebdfe9130379894762443110939841

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c1465-13dfe-5dcf2ab9a0f30"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 81406
Keep-Alive: timeout=5, max=97
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:42 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK gifts.jpg
www.thenorthman.com//assets/img/ 82 KB
83 KB 98ms
98ms Image
image/jpeg 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/gifts.jpg
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 57086baec461dbc21a6058815230ad007f829ae227005896094d81c1b5a35bb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c146e-148d8-5dcf2aba3c390"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 84184
Keep-Alive: timeout=5, max=97
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:43 GMT
Content-Type: image/jpeg
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK faces.png
www.thenorthman.com//assets/img/ 32 KB
32 KB 102ms
102ms Image
image/png 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/faces.png
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: e93ab1ea4e6e53612cc4b2f4a53de067bfab8c330cf015e9fee5da51605e1e9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c13ec-7e83-5fe7e48ad0410"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32387
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Mon, 19 Jun 2023 16:47:02 GMT
Content-Type: image/png
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK ciderco.png
www.thenorthman.com//assets/img/ 312 KB
312 KB 101ms
101ms Image
image/png 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/ciderco.png
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 47c455acf99f6e32e7a9ca8a6efeb278fabf979119be98cb3b9424e577dc23a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c145a-4df83-5fa56215be3f8"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 319363
Keep-Alive: timeout=5, max=99
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Thu, 27 Apr 2023 19:11:57 GMT
Content-Type: image/png
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H/1.1 200
OK theme.min.js Show response
www.thenorthman.com//assets/js/ 493 KB
131 KB 104ms
103ms Script
application/javascript 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//assets/js/theme.min.js
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: f2496a7982578fde0babf2a44a02953ce7056280144e08edb46ff01a3afff9ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "2c1484-7b378-5dcf2abbc8380-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:45 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 37ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LGRXXWDRXF&gtm=45je4a90v879216437za200&_p=1728703035793&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509156~101671035~101686685&cid=1743410903.1728703036&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728703035&sct=1&seg=0&dl=https%3A%2F%2Fwww.thenorthman.com%2F%2F&dt=The%20Northman%20Beer%20%26%20Cider%20Garden&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1175
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGRXXWDRXF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thenorthman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
697 B 40ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: www.thenorthman.com
URL: https://www.thenorthman.com//assets/css/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec115c8c5c4cbf521a4e75babc4cd1a4180641e880f1d5fa341b2f8fd99d5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 03:17:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:16 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 12 Oct 2024 02:51:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
875 B 40ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playball&display=swap

Requested by

Host: www.thenorthman.com
URL: https://www.thenorthman.com//assets/css/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

695059a941eb2d99ea886009f95804dfa92509d6e9fbdb087bcf06e21e3f6a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 03:17:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:16 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 12 Oct 2024 03:17:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK dust.png
www.thenorthman.com//assets/img/ 472 KB
473 KB 99ms
99ms Image
image/png 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenorthman.com//assets/img/dust.png
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 7dcdf98592259c113408c88c7afc1085f3ac0f275c275e0ad6d6d04b3270c3d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

ETag: "2c1463-760b0-5dcf2ab982eb8"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 483504
Keep-Alive: timeout=5, max=97
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:42 GMT
Content-Type: image/png
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 25ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thenorthman.com
Referer: https://fonts.googleapis.com/

Response headers

age: 338618
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 05:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 05:13:38 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK lhf_grant_antique-webfont.woff2
www.thenorthman.com/assets/fonts/ 16 KB
16 KB 260ms
99ms Font
font/woff2 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com/assets/fonts/lhf_grant_antique-webfont.woff2
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//assets/css/theme.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: f0162ff6f03336821f0dd8bbf15f794ab6523e9dd6630bd79335b0c8b2d4f4ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thenorthman.com
Referer: https://www.thenorthman.com//assets/css/theme.css

Response headers

Content-Encoding: gzip
ETag: "2c1441-3ec4-5dcf2ab7e3260-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16091
Keep-Alive: timeout=5, max=98
Date: Sat, 12 Oct 2024 03:17:15 GMT
Last-Modified: Mon, 18 Apr 2022 19:21:40 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: font/woff2

GET
H2 200 widget_popover_e.min.js Show response
my.zenreach.com/static/popover/ 4 KB
2 KB 589ms
161ms Script
application/javascript 44.225.221.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.zenreach.com/static/popover/widget_popover_e.min.js?id=94f434aa-0174-4814-a552-da1af44715ab&w=560&h=539&freq=7&delay=3000
Requested by: Host: www.thenorthman.com
URL: https://www.thenorthman.com//
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.225.221.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-221-34.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f1dd2894bb65b0e96920de9f9419f5ce6545b4585edb4ddb5a918781df8b3309

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: public, max-age=2592000
content-encoding: br
access-control-allow-origin: *
content-length: 1412
date: Sat, 12 Oct 2024 03:17:17 GMT
content-type: application/javascript; charset="utf-8"
last-modified: Fri, 04 Oct 2024 20:11:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK favicon.ico
www.thenorthman.com// 15 KB
9 KB 96ms
96ms Other
image/x-icon 159.203.87.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenorthman.com//favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.87.220 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: intrinsicchicago.com
Software: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23 /
Resource Hash: 54c5824e4ded3b3fca520606ea1d757acecafd9f62818721219b2c217044cabe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com//

Response headers

Content-Encoding: gzip
ETag: "2bfb34-3c2e-5fd188f7481c8-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8541
Keep-Alive: timeout=5, max=98
Date: Sat, 12 Oct 2024 03:17:16 GMT
Last-Modified: Thu, 01 Jun 2023 22:00:11 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache/2.4.62 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 Phusion_Passenger/6.0.23
Content-Type: image/x-icon

GET
H2 451 710344.html
di.rlcdn.com/ Frame DB05 0
0 51ms
15ms Document
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://di.rlcdn.com/710344.html?pdata=widgetId%3D94f434aa-0174-4814-a552-da1af44715ab
Requested by: Host: my.zenreach.com
URL: https://my.zenreach.com/static/popover/widget_popover_e.min.js?id=94f434aa-0174-4814-a552-da1af44715ab&w=560&h=539&freq=7&delay=3000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.thenorthman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 12 Oct 2024 03:17:17 GMT
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: my.zenreach.com
URL: https://my.zenreach.com/static/popover/widget_popover_e.min.js?id=94f434aa-0174-4814-a552-da1af44715ab&w=560&h=539&freq=7&delay=3000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: gzip
age: 6429
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 03:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 01:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
375 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=802451056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenorthman.com%2F%2F&ul=de-de&de=UTF-8&dt=The%20Northman%20Beer%20%26%20Cider%20Garden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=707485817&gjid=1676489419&cid=1743410903.1728703036&tid=UA-59170448-5&_gid=826215584.1728703038&_r=1&_slc=1&z=1469667055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

02749909808d7feb08b1b0c1d19eba4a5ae1d09ea02b12664b034d1e94fc7a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.thenorthman.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:17 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.thenorthman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=802451056&t=event&_s=2&dl=https%3A%2F%2Fwww.thenorthman.com%2F%2F&ul=de-de&de=UTF-8&dt=The%20Northman%20Beer%20%26%20Cider%20Garden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=widget_popover_e&ea=94f434aa-0174-4814-a552-da1af44715ab&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1743410903.1728703036&tid=UA-59170448-5&_gid=826215584.1728703038&z=2002489222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

age: 64152
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 09:28:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
96 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C9VZSQJW1B&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

230133a81933bd78d122cbadede6773b27545b268784ccdc1217010b0df7ca06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 03:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97993
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 22ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C9VZSQJW1B&gtm=45je4a90v9126291584za200&_p=1728703035793&_gaz=1&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&ul=de-de&sr=1600x1200&cid=1743410903.1728703036&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.thenorthman.com%2F%2F&dt=The%20Northman%20Beer%20%26%20Cider%20Garden&sid=1728703038&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3329
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9VZSQJW1B&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thenorthman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:18 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 67ms
21ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C9VZSQJW1B&cid=1743410903.1728703036&gtm=45je4a90v9126291584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9VZSQJW1B&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thenorthman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:18 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2936 0
0 40ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-C9VZSQJW1B&gacid=1743410903.1728703036&gtm=45je4a90v9126291584za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=1949003277

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9VZSQJW1B&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenorthman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 03:17:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C9VZSQJW1B&cid=1743410903.1728703036&gtm=45je4a90v9126291584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=560857481

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 12 Oct 2024 03:17:18 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 14ms
13ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LGRXXWDRXF&gtm=45je4a90v879216437za200&_p=1728703035793&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509156~101671035~101686685&cid=1743410903.1728703036&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728703035&sct=1&seg=0&dl=https%3A%2F%2Fwww.thenorthman.com%2F%2F&dt=The%20Northman%20Beer%20%26%20Cider%20Garden&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6180
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGRXXWDRXF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thenorthman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:17:20 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 widget_popover.css
wifa.st/static/popover/ 1 KB
639 B 547ms
169ms Stylesheet
text/css 52.26.158.71

General

Check archive.org

Show headers Download Go to

Full URL: https://wifa.st/static/popover/widget_popover.css
Requested by: Host: my.zenreach.com
URL: https://my.zenreach.com/static/popover/widget_popover_e.min.js?id=94f434aa-0174-4814-a552-da1af44715ab&w=560&h=539&freq=7&delay=3000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.158.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a13b7e84a4463ef2fb53ed880ead02a1bf92efeee1c098dbbfb7760f5599caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thenorthman.com/

Response headers

cache-control: public, max-age=2592000
content-encoding: br
access-control-allow-origin: *
content-length: 440
date: Sat, 12 Oct 2024 03:17:21 GMT
content-type: text/css; charset="utf-8"
last-modified: Fri, 04 Oct 2024 20:11:03 GMT
vary: Accept-Encoding

GET
H2

200

/
my.zenreach.com/widgetform/ Frame 4000
Redirect Chain

https://my.zenreach.com/widgetform?id=94f434aa-0174-4814-a552-da1af44715ab
https://my.zenreach.com/widgetform/?id=94f434aa-0174-4814-a552-da1af44715ab

0
0

168ms
168ms

Document
text/html

44.225.221.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.zenreach.com/widgetform/?id=94f434aa-0174-4814-a552-da1af44715ab

Requested by

Host: my.zenreach.com
URL: https://my.zenreach.com/static/popover/widget_popover_e.min.js?id=94f434aa-0174-4814-a552-da1af44715ab&w=560&h=539&freq=7&delay=3000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.221.34 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-221-34.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenorthman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-language: en-us
content-type: text/html; charset=utf-8
date: Sat, 12 Oct 2024 03:17:21 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Cookie, Accept-Language
x-content-type-options: nosniff

Redirect headers

cache-control: no-store
content-language: en-us
content-security-policy: default-src 'self'; base-uri 'self'; connect-src 'self' https://api.rollbar.com https://maps.googleapis.com https://forms.hsforms.com/embed/v3/form/20820290/0b3a96a4-1e44-4839-84e8-01878da328c3/json https://forms.hsforms.com/emailcheck/v1/json-ext; form-action 'self' https://adentro.okta.com https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/20820290/0b3a96a4-1e44-4839-84e8-01878da328c3; font-src 'self' data: *; img-src 'self' data: *; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https: 'self'; style-src 'unsafe-inline' https: blob: 'self'; frame-ancestors 'self' https://my.zenreach.com https://partner.zenreach.com; frame-src 'self' https://www.google.com/recaptcha/ https://portal.wifast.com https://info.zenreach.com https://feedback.zenreach.com https://repmanagement.service.zp.cntr.io https://www.facebook.com https://business.facebook.com https://forms.hsforms.com/;
content-type: text/html; charset=utf-8
date: Sat, 12 Oct 2024 03:17:21 GMT
location: https://my.zenreach.com/widgetform/?id=94f434aa-0174-4814-a552-da1af44715ab
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Language
x-content-type-options: nosniff

GET
H2 200 ic-close@2x.png
wifa.st/static/images/ 618 B
770 B 168ms
168ms Image
image/png 52.26.158.71

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wifa.st/static/images/ic-close@2x.png
Requested by: Host: wifa.st
URL: https://wifa.st/static/popover/widget_popover.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.158.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51473e450d82b4ed300fd3aa5f24ad831c6dc3b608c8412098b878512d9c68f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wifa.st/static/popover/widget_popover.css

Response headers

cache-control: public, max-age=2592000
access-control-allow-origin: *
content-length: 618
date: Sat, 12 Oct 2024 03:17:21 GMT
content-type: image/png
last-modified: Fri, 04 Oct 2024 20:11:03 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thenorthman.com/	1970-01-21 09:47:43	Name: _ga_LGRXXWDRXF Value: GS1.1.1728703035.1.0.1728703035.0.0.0
www.thenorthman.com/	1970-01-21 00:21:47	Name: zenreach_popover Value: true
.thenorthman.com/	1970-01-21 09:47:43	Name: _ga Value: GA1.2.1743410903.1728703036
.thenorthman.com/	1970-01-21 00:13:09	Name: _gid Value: GA1.2.826215584.1728703038
.thenorthman.com/	1970-01-21 00:11:43	Name: _gat Value: 1
.thenorthman.com/	1970-01-21 09:47:43	Name: _ga_C9VZSQJW1B Value: GS1.2.1728703038.1.0.1728703038.60.0.0
.doubleclick.net/	1970-01-21 00:11:43	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

di.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
my.zenreach.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
td.doubleclick.net
wifa.st
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.thenorthman.com
159.203.87.220
2001:4860:4802:32::36
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
35.244.174.68
44.225.221.34
52.26.158.71
02749909808d7feb08b1b0c1d19eba4a5ae1d09ea02b12664b034d1e94fc7a36
0ca9d0a5aecb9bea4384058e3d20aeacdaf868de2ae208cbb2e3c7bdec061269
13f2a4d9592c4b6457744c8ba985d23693800a0580a785524a87ce37f3402b60
18fb0021d42a72244a248fe2437d711e5315ebbb191f09804d6bd3ad6da4d98d
1a39a0843e8e71821f5d4ff3697dd6082d889b675b33af803728d1d47a309cd3
20c120ced1e8f20191adddc84f8d3db0b2b0e3254dd4ce17e6963a47f80f25ed
230133a81933bd78d122cbadede6773b27545b268784ccdc1217010b0df7ca06
3485ff3478a5b2f6da8d3b64ee22ab08ff593cfb1fe800a5c0bf642b51c17df9
47c455acf99f6e32e7a9ca8a6efeb278fabf979119be98cb3b9424e577dc23a0
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
51473e450d82b4ed300fd3aa5f24ad831c6dc3b608c8412098b878512d9c68f6
54c5824e4ded3b3fca520606ea1d757acecafd9f62818721219b2c217044cabe
57086baec461dbc21a6058815230ad007f829ae227005896094d81c1b5a35bb9
695059a941eb2d99ea886009f95804dfa92509d6e9fbdb087bcf06e21e3f6a93
70d2fa39d4d8aa3f2b72454c7015e77779d3bb4ada40b8510b65d89d504a113d
7dcdf98592259c113408c88c7afc1085f3ac0f275c275e0ad6d6d04b3270c3d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e5069617de6f0159280e561056b9e30f5100b9df1339396764cc8e8371e7db
8a13b7e84a4463ef2fb53ed880ead02a1bf92efeee1c098dbbfb7760f5599caf
9144b90809301fae47a78b9c1d4bc228ced87fb49b7eaca2baaca24b8f00b4ff
a4884efe84cc0c42302a4ebd1b463e06965a7313fb7d553285739f054c2862e1
a56d38ee92b9e57fbd44269022ee0af987314d12f40d24a67e8b1a6b613e5f58
c11a3d4b5ce1e228a54de6c6a184c0ed973db1b9986a26601658719b39a70ef6
ddaa0def7d34b19df4737f5c9ac18191cdebdfe9130379894762443110939841
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93ab1ea4e6e53612cc4b2f4a53de067bfab8c330cf015e9fee5da51605e1e9f
eb869cff7f9b5513aa1cecf953a6bbf18c6b245f8ed7ff3d6f187b9302d339ab
ec115c8c5c4cbf521a4e75babc4cd1a4180641e880f1d5fa341b2f8fd99d5f38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0162ff6f03336821f0dd8bbf15f794ab6523e9dd6630bd79335b0c8b2d4f4ab
f1dd2894bb65b0e96920de9f9419f5ce6545b4585edb4ddb5a918781df8b3309
f2496a7982578fde0babf2a44a02953ce7056280144e08edb46ff01a3afff9ff

www.thenorthman.com Open in urlscan Pro 159.203.87.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

67 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

2383 kBTransfer

3840 kBSize

7 Cookies

8 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenorthman.com Open in urlscan Pro
159.203.87.220 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

2383 kB
Transfer

3840 kB
Size

7
Cookies

39 HTTP transactions
0 data transactions