URL: http://www.ductorm.bar/
Submission: On October 28 via api from DE

Summary

This website contacted 37 IPs in 6 countries across 30 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3034::ac43:abe0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ductorm.bar.
This is the only time www.ductorm.bar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
30 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 65.9.190.98 16509 (AMAZON-02)
1 4 2600:9000:20d... 16509 (AMAZON-02)
1 4 172.217.23.130 15169 (GOOGLE)
2 4 143.204.201.99 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2a04:4e42:3::621 54113 (FASTLY)
12 2a00:1450:400... 15169 (GOOGLE)
1 3 142.93.197.211 14061 (DIGITALOC...)
1 206.189.189.226 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 37.252.172.36 29990 (ASN-APPNEX)
1 2600:9000:20d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.107.254.252 15169 (GOOGLE)
2 143.204.201.123 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.94.180.126 35220 (SPOTX-AMS)
1 2600:9000:214... 16509 (AMAZON-02)
1 34.195.35.40 14618 (AMAZON-AES)
1 6 54.77.58.217 16509 (AMAZON-02)
1 192.0.77.48 2635 (AUTOMATTIC)
1 2600:9000:20d... 16509 (AMAZON-02)
1 3.89.179.232 14618 (AMAZON-AES)
1 2 3.250.252.43 16509 (AMAZON-02)
2 2 34.120.207.148 15169 (GOOGLE)
2 2 52.49.73.64 16509 (AMAZON-02)
2 2 52.30.140.199 16509 (AMAZON-02)
1 2 3.121.27.153 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
111 37
Apex Domain
Subdomains
Transfer
30 tnwcdn.com
cdn0.tnwcdn.com
img-cdn.tnwcdn.com
2 MB
12 google-analytics.com
www.google-analytics.com
53 KB
9 thenextweb.com
thenextweb.com
242 KB
8 privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
gdpr-consent-tool.privacymanager.io
161 KB
7 ml314.com
ml314.com
in.ml314.com
15 KB
7 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
115 KB
6 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
146 KB
4 google.com
adservice.google.com
ampcid.google.com
www.google.com
2 KB
4 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
4 permutive.com
cdn.permutive.com
api.permutive.com
61 KB
4 elasticad.net
cdn.elasticad.net
90 KB
4 massariuscdn.com
massariuscdn.com
92 KB
3 acsbapp.com
acsbapp.com
cdn.acsbapp.com
393 KB
2 eyeota.net
ps.eyeota.net
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1003 B
2 adsrvr.org
match.adsrvr.org
927 B
2 rlcdn.com
idsync.rlcdn.com
799 B
2 demdex.net
dpm.demdex.net
2 KB
2 googletagmanager.com
www.googletagmanager.com
68 KB
2 stack-sonar.com
www.stack-sonar.com
api.stack-sonar.com
3 KB
2 ductorm.bar
www.ductorm.bar
26 KB
1 w.org
s.w.org
2 KB
1 cloudfront.net
d2lcoyv3ods5zz.cloudfront.net
1 spotxchange.com
sync.search.spotxchange.com
360 B
1 hs-scripts.com
js.hs-scripts.com
1 adnxs.com
ib.adnxs.com
703 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 googleadservices.com
partner.googleadservices.com
405 B
1 acsbap.com
acsbap.com
93 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
111 30
Domain Requested by
26 cdn0.tnwcdn.com www.ductorm.bar
cdn0.tnwcdn.com
12 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
9 thenextweb.com www.ductorm.bar
6 ml314.com 1 redirects www.ductorm.bar
ml314.com
4 img-cdn.tnwcdn.com www.ductorm.bar
4 cdn.elasticad.net 2 redirects www.ductorm.bar
4 gdpr-wrapper.privacymanager.io 1 redirects www.ductorm.bar
gdpr.privacymanager.io
4 massariuscdn.com 2 redirects www.ductorm.bar
4 pagead2.googlesyndication.com www.ductorm.bar
pagead2.googlesyndication.com
3 api.permutive.com cdn.permutive.com
3 securepubads.g.doubleclick.net 1 redirects www.ductorm.bar
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ps.eyeota.net 1 redirects www.ductorm.bar
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects www.ductorm.bar
2 www.google.de www.ductorm.bar
2 www.google.com www.ductorm.bar
2 stats.g.doubleclick.net www.google-analytics.com
2 geo.privacymanager.io gdpr.privacymanager.io
2 acsbapp.com www.ductorm.bar
acsbap.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com 1 redirects www.ductorm.bar
2 www.ductorm.bar www.ductorm.bar
1 cdn.acsbapp.com acsbap.com
1 in.ml314.com ml314.com
1 gdpr-consent-tool.privacymanager.io gdpr.privacymanager.io
1 s.w.org www.ductorm.bar
1 api.stack-sonar.com www.ductorm.bar
1 d2lcoyv3ods5zz.cloudfront.net cdn.elasticad.net
1 sync.search.spotxchange.com www.ductorm.bar
1 js.hs-scripts.com www.ductorm.bar
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 ib.adnxs.com cdn.permutive.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 acsbap.com 1 redirects
1 cdn.jsdelivr.net massariuscdn.com
1 cdn.permutive.com www.ductorm.bar
1 www.stack-sonar.com www.ductorm.bar
111 45
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-29 -
2021-07-29
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
www.stack-sonar.com
Amazon
2020-04-21 -
2021-05-21
a year crt.sh
*.privacymanager.io
Amazon
2020-10-24 -
2021-11-23
a year crt.sh
*.elasticad.net
Amazon
2020-03-12 -
2021-04-12
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
*.acsbapp.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2020-10-05 -
2021-10-05
a year crt.sh
*.google.de
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
api.permutive.com
Let's Encrypt Authority X3
2020-10-24 -
2021-01-22
3 months crt.sh
www.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
www.google.de
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.ml314.com
Amazon
2020-02-17 -
2021-03-17
a year crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2019-12-19 -
2021-12-18
2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.eyeota.net
Let's Encrypt Authority X3
2020-08-31 -
2020-11-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh

This page contains 5 frames:

Primary Page: http://www.ductorm.bar/
Frame ID: C3C4F79644DEFC2E3E8CFBA7E60D3710
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: A806EA1949DC3B3688A621F934190553
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6316654596230913&output=html&adk=1812271804&adf=3025194257&lmt=1603843776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ductorm.bar%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603843776104&bpp=60&bdt=112&idt=214&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7124224998074&frm=20&pv=2&ga_vid=1685109724.1603843776&ga_sid=1603843776&ga_hid=1957294183&ga_fc=0&iag=0&icsg=2181040168&dssz=35&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C21067467&oid=3&pvsid=2199584450450273&pem=139&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=235
Frame ID: A6F33BA586E180000E402664D313B493
Requests: 1 HTTP requests in this frame

Frame: https://gdpr-consent-tool.privacymanager.io/1/index.html
Frame ID: 0076A6C4271E228CD373E5BA6D1CE042
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: F4E3E3457459E874C5C4E6582DA464C8
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

111
Requests

95 %
HTTPS

51 %
IPv6

30
Domains

45
Subdomains

37
IPs

6
Countries

3345 kB
Transfer

6330 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://massariuscdn.com/pubs/tnw/tnw_hb_setup.js HTTP 301
  • https://massariuscdn.com/pubs/tnw/tnw_hb_setup.js
Request Chain 8
  • http://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js HTTP 301
  • https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
Request Chain 9
  • http://massariuscdn.com/prod/prebid4.3-sovrn.js HTTP 301
  • https://massariuscdn.com/prod/prebid4.3-sovrn.js
Request Chain 10
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 11
  • http://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js HTTP 301
  • https://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
Request Chain 12
  • http://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
Request Chain 22
  • https://acsbap.com/apps/app/assets/js/acsb.js HTTP 301
  • https://acsbapp.com/apps/app/assets/js/acsb.js
Request Chain 70
  • http://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3 HTTP 301
  • https://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3
Request Chain 95
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3614128376143937541&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3614128376143937541&redir=
Request Chain 96
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3614128376143937541 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNDEyODM3NjE0MzkzNzU0MRAAGg0Iwe3i_AUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=726498effa980625ac6165972aab9e67628118038108061bdfe11d66b35cdce2f4cb09cee1a4f8eb&person_id=3614128376143937541&eid=50082
Request Chain 97
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c68fecca-51ac-472a-880c-7c83a5772748 HTTP 302
  • https://ml314.com/csync.ashx?fp=c68fecca-51ac-472a-880c-7c83a5772748&person_id=3614128376143937541&eid=53819
Request Chain 98
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3614128376143937541 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3614128376143937541 HTTP 302
  • https://ml314.com/csync.ashx?fp=59b44ce6a4cb85137a467c200227c394&eid=50146&person_id=3614128376143937541
Request Chain 99
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.ductorm.bar/
153 KB
25 KB
Document
General
Full URL
http://www.ductorm.bar/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:abe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
ee7afd8920c90a73afbe0cda91884dc11afe0a2c2c18477f94678e40d74d6e06

Request headers

Host
www.ductorm.bar
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dd6d1f60a5ed5ba37860e48cccfdb674d1603843774; expires=Fri, 27-Nov-20 00:09:34 GMT; path=/; domain=.ductorm.bar; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.3.3
CF-Cache-Status
DYNAMIC
cf-request-id
060e22ee450000177298a0c000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KDxSs0DKPBEGAubAkGbZAO0n%2BWgMhNvZeBJipSTKBQ5h6iyG7zmJfKoTzgW1rhF0%2FVf7FFU6L4SkgcaTqpo9LMXPgwrhbe803WqtsF9DaNDOmBxpqV5pxGGXrK0%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e906dc3a9e51772-FRA
Content-Encoding
gzip
style.css
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/
181 KB
41 KB
Stylesheet
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809d94117440dbd3a55d83820db263193ea565950e0caa9ecf58145d62ddef15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f60a000006145114e000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2d533-5b1b75397cba0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd01ec10614-FRA
facets.min.css
thenextweb.com/wp-content/plugins/elasticpress/dist/css/
833 B
900 B
Stylesheet
General
Full URL
https://thenextweb.com/wp-content/plugins/elasticpress/dist/css/facets.min.css?ver=3.0.3
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e391cab635634a5f5456b9309c8eede3ed3e496b954d70eb26b2903c04411ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
44
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
353
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"341-5b1b7518c3bb9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
text/css
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f60d00001f199fb84000000001
accept-ranges
bytes
cf-ray
5e906dd019111f19-FRA
jquery.js
thenextweb.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://thenextweb.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
11
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
33766
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"17ba0-5b1b751a48681-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f60e00001f193eb01000000001
accept-ranges
bytes
cf-ray
5e906dd019151f19-FRA
jquery-migrate.min.js
thenextweb.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://thenextweb.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
11
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
4014
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2748-5b1b751a48681-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f60e00001f1957a2f000000001
accept-ranges
bytes
cf-ray
5e906dd019181f19-FRA
wordlift-tnw-public.js
thenextweb.com/wp-content/plugins/wordlift-tnw/public/js/
838 B
613 B
Script
General
Full URL
https://thenextweb.com/wp-content/plugins/wordlift-tnw/public/js/wordlift-tnw-public.js?ver=1.5.0-dev
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
11
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
479
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"346-5b1b7518e201a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f60e00001f197aaf8000000001
accept-ranges
bytes
cf-ray
5e906dd0191b1f19-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
131 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
353359acf186f7fffc2100f5827d87259ab502aa61fe1e83e46f9cbd77589568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45811
x-xss-protection
0
server
cafe
etag
2677469815179299219
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 00:09:36 GMT
tnw_hb_setup.js
massariuscdn.com/pubs/tnw/
Redirect Chain
  • http://massariuscdn.com/pubs/tnw/tnw_hb_setup.js
  • https://massariuscdn.com/pubs/tnw/tnw_hb_setup.js
38 KB
7 KB
Script
General
Full URL
https://massariuscdn.com/pubs/tnw/tnw_hb_setup.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:8cb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a666a979b0a34342ab9396f175ef2ab23f6b6806c3ac88302c156ab7d98eef8e

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
274
cf-polished
origSize=66042
status
200
cf-request-id
060e22f62500003244f01b2000000001
last-modified
Tue, 27 Oct 2020 12:13:03 GMT
server
cloudflare
etag
W/"5f980ecf-101fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6kp2mXTX9x%2FtGbLUU1H7AmbcWfMN9zfHvlNLLxO0dQMg%2BVWUuvY%2F72yxC%2Fs2V4YjN2JS%2BgxUd%2B%2BkYyxj34WJvpf1kYOrLYr4IW3RfEL5SFK7vwzvDiP%2BM1YONL7y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
5e906dd03a9b3244-FRA
cf-bgj
minify

Redirect headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c72IR69LgARuTr9MtQAanduGg5Hnu6IbWhuYEHv4gHwRn5s3Lk5DP6mVVTmRuQ6BVHH%2F0mlsaEIl1FMzMLsVtlfbPTI6andmFEAyNwLofMVybFlIE%2Fer5%2FSE4Hxz"}],"group":"cf-nel","max_age":604800}
Location
https://massariuscdn.com/pubs/tnw/tnw_hb_setup.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e906dd00d281f51-FRA
cf-request-id
060e22f60400001f510c1ad000000001
Expires
Wed, 28 Oct 2020 01:09:36 GMT
ping.js
www.stack-sonar.com/
6 KB
3 KB
Script
General
Full URL
https://www.stack-sonar.com/ping.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5216fcdc6d278ba8cce42f910754b33365608bcba89401423816cc2b7b28f161

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:06:31 GMT
content-encoding
gzip
last-modified
Fri, 06 Sep 2019 17:57:21 GMT
server
AmazonS3
age
194
etag
"4ccf47293af41539d748a114e8658c75"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
CFBCOd-hn4mWKTDzS365_ugP5Ws47Xn9HAQK43MBkZ6hyABOLTv7pg==
via
1.1 124f1c96be6ce1b7012fa9b6449f2ac7.cloudfront.net (CloudFront)
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/
Redirect Chain
  • http://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
  • https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
314 KB
91 KB
Script
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1a00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6af88b1d89db29083d352d6faa95312e6274d8105c28d59baee5a8ebc77f481

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 17:04:06 GMT
content-encoding
gzip
age
25531
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Fri, 23 Oct 2020 13:59:13 GMT
server
AmazonS3
etag
W/"e6b678cbc5cb496eb752d45eee7a72d8"
vary
Accept-Encoding
x-amz-version-id
Eumjiut5ziNkdn2wvKMeJWq.wxGyY.Vd
via
1.1 b63f332297d95bccb0f4e41c4aef0ab1.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
content-type
text/javascript
x-amz-cf-id
cXf-DveZntPbw9Du9ApSk7S-RSsOdFQsSaJEYpH3-kSnDvjC8ok3gg==

Redirect headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
Via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
efal_O5X3w1gt33vGZBIRXWVIarflXJAv1aYPoRa6Y03tjqkCLTOWQ==
prebid4.3-sovrn.js
massariuscdn.com/prod/
Redirect Chain
  • http://massariuscdn.com/prod/prebid4.3-sovrn.js
  • https://massariuscdn.com/prod/prebid4.3-sovrn.js
291 KB
84 KB
Script
General
Full URL
https://massariuscdn.com/prod/prebid4.3-sovrn.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:8cb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1381d6f27e58deb7f41ed75f3906cefa0a211e06b3152b5b87e3fe5329aa2cba

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7148
cf-polished
origSize=297700
status
200
cf-request-id
060e22f6c000003244b50a4000000001
last-modified
Mon, 07 Sep 2020 13:38:03 GMT
server
cloudflare
etag
W/"5f5637bb-48ae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uJE%2FEW6HOmCBmDoIIg1fajo6cYQgBxcArr3tuL7HOOYvwoVZKjJqCFbvx3oG6A9Jp%2Btuu1%2FqSfS75W58v8t3nlfPuvIQBnu%2BbAhJmQfI4LRY0tVzC1G0Xw9B1Wl8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
5e906dd13b803244-FRA
cf-bgj
minify

Redirect headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0xdO1QaMGx7kPZnuAD41GlsVe8MGKd5PAL5pYJsJDCdWPVwRyoj%2BUm0jDvg1w4aptdUBpX8nlAlOG9RSPLw1pmQv9srfFK27zyfIgT7QNSPuCEJvOwZ0B3lkKfD6"}],"group":"cf-nel","max_age":604800}
Location
https://massariuscdn.com/prod/prebid4.3-sovrn.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e906dd10e2c1f51-FRA
cf-request-id
060e22f6a100001f51f2058000000001
Expires
Wed, 28 Oct 2020 01:09:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
52 KB
18 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
157e106b9a8de79d7ae828065c91b240e57de111f77c25d91bd11554e2b6acff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"676 / 836 of 1000 / last-modified: 1603836704"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17695
x-xss-protection
0
expires
Wed, 28 Oct 2020 00:09:36 GMT

Redirect headers

Date
Tue, 27 Oct 2020 23:48:17 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1279
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Content-Length
249
X-XSS-Protection
0
Expires
Wed, 28 Oct 2020 00:18:17 GMT
nativeEmbed.gz.js
cdn.elasticad.net/native/serve/js/quantx/
Redirect Chain
  • http://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
  • https://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
114 KB
33 KB
Script
General
Full URL
https://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265e8d8e3675d187a0969a0bf44266d1ac4477cb71f2fe91ba6b93e82a2536ee

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 10:15:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2020 10:13:58 GMT
Server
AmazonS3
Age
50027
ETag
"646c8cd7fead2ff1a3a8e96835c33b26"
X-Cache
Hit from cloudfront
x-amz-version-id
AW8eq8teYVf7.BcaIKlS.oMAbX96Ci5A
Via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
33250
X-Amz-Cf-Id
SG8TpeNGnctZ-IRzrnC3fIB_IK3g_ir3Ltl_tb67VkZXvtFbEN268g==

Redirect headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
Via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
P_OaWK6xwxyaRcHlYaIkXzhGdPjhD_bWQkEXfqDmWMDcEVXZa07Xng==
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
  • https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
299 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c3ba53833b9798ad217eeeb508db5afdd46ec9636a03593161faf4d7983a7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68918
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Oct 2020 00:09:36 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
Date
Wed, 28 Oct 2020 00:09:36 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88452
x-xss-protection
0
server
cafe
etag
16783570891068550005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 00:09:36 GMT
970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
cdn.permutive.com/
282 KB
60 KB
Script
General
Full URL
https://cdn.permutive.com/970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac2bcfe779bb9859085ac9a6b857b3e1806834eeb2410c29220bded3cee5df0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3426
x-guploader-uploadid
ABg5-Uz5rLL-FShvV-UtyfX_Q9zHAnfxD0_xPLh_CpmcwRVadFseCbOTVsED9-j8hZlXp0h3KyWJUyifRG-9rtxGsQo
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
060e22f6de000027a0452b8000000001
last-modified
Tue, 27 Oct 2020 14:59:18 GMT
server
cloudflare
etag
W/"0fc19e853003e3dd0fa5204c19e9e463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=uOYRyQ==, md5=D8GehTAD490PpSBMGenkYw==
x-goog-generation
1603810758587295
cache-control
public, max-age=300
x-goog-stored-content-length
69272
cf-ray
5e906dd15b1d27a0-PRG
expires
Wed, 28 Oct 2020 00:14:36 GMT
tnw.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
479 B
414 B
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/tnw.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2723ad746207b0b451aec197cd753e1f79b052e2faf90bbe6ab7220cf21b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f6a200000614fa994000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1df-5b1147a897f5e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd10fb30614-FRA
ars-maquette-regular.woff
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/
37 KB
37 KB
Font
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/ars-maquette-regular.woff
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae7369c5505d7e8e8127e757f7a34855e3c11613e49b44120c94c02258a3c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.ductorm.bar
Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f6a400002c3e5726e000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9334-5afceb60be790-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd109c52c3e-FRA
shentox-medium.woff2
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/
42 KB
42 KB
Font
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/shentox-medium.woff2
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7837219984fcedfda0cd8b4e5ea4dfc69828d731d576ce3e5d726df2ac94952b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.ductorm.bar
Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
content-length
42590
cf-request-id
060e22f6a400002c3e05856000000001
referrer-policy
unsafe-url
last-modified
Thu, 15 Oct 2020 15:29:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"a65e-5b1b75198517d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
access-control-allow-origin
*
x-xss-protection
1; mode=block
accept-ranges
bytes
cf-ray
5e906dd109c62c3e-FRA
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame A806
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201021/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ductorm.bar/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ductorm.bar/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 27 Oct 2020 11:43:14 GMT
expires
Tue, 10 Nov 2020 11:43:14 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
44782
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
icons-sprite.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
54 KB
10 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icons-sprite.svg?1520429355783
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169b7364dbc7ec39c1854b8f3f32494fbc95b141256335e30277b2150c49a16e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f6ce00000614e6a29000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d9db-5b1147a82d83c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd14ff90614-FRA
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20201028
Requested by
Host: massariuscdn.com
URL: http://massariuscdn.com/prod/prebid4.3-sovrn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4dfcf14639c3e2c0a1a3bbdaf8ae82ac60f09aa6d0d7ff0f5a266817576ca35d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35790
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
766
etag
W/"53d-SmIOM3ogrMYxdLyBZ3PbSFoRU3k"
x-served-by
cache-fra19138-FRA
date
Wed, 28 Oct 2020 00:09:36 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/
45 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3228
date
Tue, 27 Oct 2020 23:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 28 Oct 2020 01:15:48 GMT
acsb.js
acsbapp.com/apps/app/assets/js/
Redirect Chain
  • https://acsbap.com/apps/app/assets/js/acsb.js
  • https://acsbapp.com/apps/app/assets/js/acsb.js
392 KB
393 KB
Script
General
Full URL
https://acsbapp.com/apps/app/assets/js/acsb.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.189.189.226 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
accessibe-lb-nyc2.jetserver.net
Software
nginx /
Resource Hash
0610c667303a87b45a198d81279a250a787f2ec3080a359a0efd716e4a6c9892

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:37 GMT
last-modified
Mon, 26 Oct 2020 18:54:07 GMT
server
nginx
etag
"62033-5f971b4f-71b3b7fb84061f29;;;"
x-cache-status
HIT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=259200 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
401459
expires
Thu, 29 Oct 2020 00:08:38 GMT

Redirect headers

status
301
date
Wed, 28 Oct 2020 00:09:36 GMT
server
nginx
content-length
162
location
https://acsbapp.com/apps/app/assets/js/acsb.js
content-type
text/html
cookie.js
partner.googleadservices.com/gampad/
201 B
405 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.ductorm.bar&callback=_gfp_s_&client=ca-pub-6316654596230913
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
efa5924387faf7b5000e8c554f08e45c8869a6a2cf669a109a09ef6b14a602c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
832 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ductorm.bar
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
832 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ductorm.bar
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A6F3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6316654596230913&output=html&adk=1812271804&adf=3025194257&lmt=1603843776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ductorm.bar%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603843776104&bpp=60&bdt=112&idt=214&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7124224998074&frm=20&pv=2&ga_vid=1685109724.1603843776&ga_sid=1603843776&ga_hid=1957294183&ga_fc=0&iag=0&icsg=2181040168&dssz=35&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C21067467&oid=3&pvsid=2199584450450273&pem=139&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6316654596230913&output=html&adk=1812271804&adf=3025194257&lmt=1603843776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ductorm.bar%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603843776104&bpp=60&bdt=112&idt=214&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7124224998074&frm=20&pv=2&ga_vid=1685109724.1603843776&ga_sid=1603843776&ga_hid=1957294183&ga_fc=0&iag=0&icsg=2181040168&dssz=35&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C21067467&oid=3&pvsid=2199584450450273&pem=139&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=235
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ductorm.bar/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ductorm.bar/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 00:09:36 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 00:24:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 00:09:36 GMT
getuidj
ib.adnxs.com/
11 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 00:09:36 GMT
X-Proxy-Origin
89.238.186.243; 89.238.186.243; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.50:80
AN-X-Request-Uuid
bcd4ab32-caaf-481f-ad43-85ede7dba9af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.ductorm.bar
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
image
img-cdn.tnwcdn.com/
5 KB
5 KB
Image
General
Full URL
https://img-cdn.tnwcdn.com/image?url=https%3A%2F%2Findex.co%2Fuploads%2Flogos%2Fdea14254c4dc70daf5c10cea98ff3fce81daf8b0.png&signature=28b184dafa1137513ab326a515857d84
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c840aa2867af17c031f5cb6f84beb8778aae6bfea4c406bf03bdfad8ebd70a7c

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
cf-cache-status
DYNAMIC
x-fabric-responder
app-867c7f4f97-knh9w
x-cache
HIT
x-proximage-responder
app-867c7f4f97-knh9w-0.4.0
status
200
content-length
4952
cf-request-id
060e22f7760000061435321000000001
server
cloudflare
etag
"e52a4b54ff40a2683b27267d39d36eba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=946080000, public, s-maxage=946080000
x-proximage-origin
gcp
cf-ray
5e906dd259760614-FRA
image
img-cdn.tnwcdn.com/
8 KB
8 KB
Image
General
Full URL
https://img-cdn.tnwcdn.com/image?url=https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1227626319187468289%2FWJgwiLdc.jpg&signature=f720fe49a5cecacfea6763dadf7f2d77
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9165ef796522680a8f441a47222a0dd781d7df5e929bece2dfdfa66df6b5fea6

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
cf-cache-status
DYNAMIC
x-fabric-responder
app-867c7f4f97-knh9w
x-cache
HIT
x-proximage-responder
app-867c7f4f97-knh9w-0.4.0
status
200
content-length
7776
cf-request-id
060e22f7750000061412295000000001
server
cloudflare
etag
"028f8889174819eb9242dd317c9cc2e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=946080000, public, s-maxage=946080000
x-proximage-origin
gcp
cf-ray
5e906dd259750614-FRA
image
img-cdn.tnwcdn.com/
15 KB
15 KB
Image
General
Full URL
https://img-cdn.tnwcdn.com/image?url=https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1218101977588142080%2Fqs7Rpo8f.jpg&signature=2ecc5b5e214a0492c34e1513b06dd951
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1d50571313420ddc3b814ba55372e6ae702adee8cbbe7ee18c7dc7d8e4114e

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
cf-cache-status
DYNAMIC
x-fabric-responder
app-867c7f4f97-knh9w
x-cache
HIT
x-proximage-responder
app-867c7f4f97-knh9w-0.4.0
status
200
content-length
15553
cf-request-id
060e22f7760000061435322000000001
server
cloudflare
etag
"e7b64e32c6ee1d4c35510203ad39ec0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=946080000, public, s-maxage=946080000
x-proximage-origin
gcp
cf-ray
5e906dd259780614-FRA
193a83dd-c95f-4aba-9cda-1974d50e5924
http://www.ductorm.bar/
90 KB
0
Other
General
Full URL
blob:http://www.ductorm.bar/193a83dd-c95f-4aba-9cda-1974d50e5924
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15397b34a2486670a0010dc9d02eced53588db4a495fcc2104be45cefaf06571

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
92299
image-gradient.png
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
2 KB
2 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/image-gradient.png
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6f9711e0b89931512ec47583e3b7014826651e1b9bb706634a712a1106439f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
content-length
1690
cf-request-id
060e22f78200000614f5199000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"69a-5b1147a82d83c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd2698d0614-FRA
cover-gradient.png
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
6 KB
6 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/cover-gradient.png
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0157849d937bcf6db427f4b1a5985304cc3505a33a6cfc504a11c71c605246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
content-length
5740
cf-request-id
060e22f78200000614f1bc5000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"166c-5b1147a82c89c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd269900614-FRA
tnw2020-feature_img-02.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
1 MB
1 MB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/tnw2020-feature_img-02.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4c37ba884ed738a2e11d5d18fdb28fb6c3bd77e3c60be74dfd3e25381b853b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
content-length
1171257
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11df39-5b0acb0d508f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f78500000614f132f000000001
accept-ranges
bytes
cf-ray
5e906dd269920614-FRA
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0e0c8467f3149a324a72e7c918519dff8ea9bf7f1806675d72918a2b4d88315

Request headers

Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
avalon-bold.woff
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/
26 KB
26 KB
Font
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/avalon-bold.woff
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2617f853ce2aba81506f0216ea94dc22ef468b70d9487868ccf3cddf5bf0f0a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.ductorm.bar
Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f78500002c3e2aaf9000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"66ac-5afceb60be790-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd26bf92c3e-FRA
ars-maquette-bold-alt.woff
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/
39 KB
39 KB
Font
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/ars-maquette-bold-alt.woff
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
350b3fd2c9fd85e57d9b671154fe97578e582e74ee1fc8afa87062b1faf75a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.ductorm.bar
Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f78500002c3e3686c000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9c54-5afceb60bc850-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd26bfb2c3e-FRA
gdpr.bundle.js
gdpr.privacymanager.io/1/
161 KB
48 KB
Script
General
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: http://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1c00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd0ffb801525d07f536e396c4f4dcafcc81aa1a90d3e402b6521a116ce8f959d

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 23:45:09 GMT
content-encoding
gzip
age
1468
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Tue, 13 Oct 2020 12:23:34 GMT
server
AmazonS3
etag
W/"2b5ba9bdee2c1f26dd694eb363bf04e0"
vary
Accept-Encoding
x-amz-version-id
dtRoUj1Q0pCyUakSLUvkY36XxYVJFsml
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
ZAG50-C1
content-type
application/x-javascript
x-amz-cf-id
lwSvTM0yv7QsQRjUjj0HiNJcvt_grxF71-OChSQCLIwU7sm9zjtlNg==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
937 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
244
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 28 Oct 2020 01:05:32 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
2 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
335
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 28 Oct 2020 01:04:01 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
545 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.ductorm.bar
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/
274 KB
96 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 08:43:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98380
x-xss-protection
0
expires
Wed, 28 Oct 2020 00:09:36 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
474 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.ductorm.bar
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
graphql
api.permutive.com/
411 B
527 B
XHR
General
Full URL
https://api.permutive.com/graphql?k=d6c42980-42e9-4537-93f1-f2c3fd326c4a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e5e06707fff542a2cbd6c23611f4806373df9b0b322755c5b5d43b940920688c

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
server
Permutive
status
200
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
http://www.ductorm.bar
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
271
via
1.1 google
image
img-cdn.tnwcdn.com/
6 KB
6 KB
Image
General
Full URL
https://img-cdn.tnwcdn.com/image?url=https%3A%2F%2Findex.co%2Fuploads%2Flogos%2Fa14b18344ae9d50967759a9cad5407d2b93b3cce.png&signature=d028a62644362b75008fb80c0baf3180
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12593a67910dec9dc1e0e5f56bb51d3aba370308dc11a7bda603f9fb9da843d0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
cf-cache-status
DYNAMIC
x-fabric-responder
app-867c7f4f97-dl2lr
x-cache
HIT
x-proximage-responder
app-867c7f4f97-dl2lr-0.4.0
status
200
content-length
6169
cf-request-id
060e22f80a0000061415214000000001
server
cloudflare
etag
"76837b4f0821b7ca4f138940a7c4c311"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=946080000, public, s-maxage=946080000
x-proximage-origin
gcp
cf-ray
5e906dd34a850614-FRA
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/ Frame
0
0
Other
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/vendor-list.json
Protocol
H2
Server
2600:9000:20d7:1a00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.ductorm.bar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
content-length
0
date
Tue, 27 Oct 2020 17:04:07 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
GVjxNsTeGvm91K13rMtcTic35UQeso1lK7dnFt1SFVv_gLp_VVDqAQ==
age
25530
/
geo.privacymanager.io/ Frame
0
0
Other
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
143.204.201.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-123.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.ductorm.bar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
content-type
application/json
content-length
0
date
Wed, 28 Oct 2020 00:09:36 GMT
x-amzn-requestid
5bcc258e-65b6-4c6b-967d-995c06d14414
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
VGF-HEDqDoEFf1g=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront), 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1 FRA53-C1
x-cache
Miss from cloudfront
x-amz-cf-id
K5D6g3HO55e4nTcmLDEnaISOnuPYzia5Pp6T1TVk_OsotEIyQDmGyA==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/
155 KB
22 KB
Fetch
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ae0205b5-ea64-47a0-b02c-da0c3b2d043a/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1a00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8da1af8589b29ace0da06a885d0f1fb9fc4d43ab65eeafca2255eb6442114bd

Request headers

Accept
application/json
Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
jPrQ7XxMqS4_tiGdcvhj6H0oro1aDCfN
content-encoding
gzip
etag
"0621c066d6754c9d7f92f20f31bccb9c"
age
295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 27 Oct 2020 17:02:51 GMT
server
AmazonS3
date
Wed, 28 Oct 2020 00:09:25 GMT
access-control-allow-methods
GET
content-type
application/json
via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
qZ4LO62Q1Fk02Uo0UO6wGcnycRh2NPYgz1W5JhOHX6OzTVgB3zRBbg==
/
geo.privacymanager.io/
30 B
603 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-123.fra53.r.cloudfront.net
Software
/
Resource Hash
ffb179007f1261c9a1dbc3ae53dda0400c6ebda26ce176d21d40b84160b2000c

Request headers

Accept
application/json
Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Oct 2020 03:47:19 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront), 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
age
73337
x-amzn-requestid
7433d4cc-79b3-4bc8-9e46-4a3f5254a6c5
status
200
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f979847-574c21f363fe10ca1ef22bb2;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA53-C1
x-amz-apigw-id
VDS7IFTajoEFX_A=
content-length
30
x-amz-cf-id
KrrPUfjORazEPUzISybhyRiHtT7L5mnNThorU7Wr8OxP_aDlc_WgjQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
www.google-analytics.com/
35 B
259 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
467 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=906514413&gjid=243949008&_gid=1353716557.1603843777&_u=aChAgUArQAQCAE~&z=1179397373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Oct 2020 00:09:36 GMT
status
200
content-type
text/plain
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
79 KB
31 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KWW25VS&t=primary&cid=1685109724.1603843776&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ad2f4a41be0467f37700a089ed820245134803c9a2893c15774066638830e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31907
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Oct 2020 00:09:36 GMT
stackpath.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
3 KB
2 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/stackpath.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
710353b5dc82107d4a281beea246c50b540ee446079bfab9521782720fd3deba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f87100000614ee230000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bcf-5b1b7519ddf5f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3eb710614-FRA
icon-twitter.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
530 B
438 B
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icon-twitter.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0caa7f2c3dda6f0b39dec629aec475f2f27073521b660a85a0812ab572b243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f8710000061404397000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"212-5b1147a82d83c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3eb730614-FRA
icon-facebook.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
311 B
341 B
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icon-facebook.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de133925b660ae2bcf6f7f675b1db8923d94a59b0606ea5413769466e1b6e520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f87100000614419b3000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"137-5b1147a82d83c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3eb740614-FRA
tnw-black.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
590 B
497 B
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/tnw-black.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63dfba878534f6a505c5bf32607c690631d6e47725661b2be0b3927f4ee1406b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
0
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f87200000614358a6000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"24e-5b1147a89313e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3eb760614-FRA
advertisement.js
www.ductorm.bar/wp-content/
0
699 B
Script
General
Full URL
http://www.ductorm.bar/wp-content/advertisement.js
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:abe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:38 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TF%2B395LWEU6eY5HoQvTgdufKmeT67eNKumtjDvSl3RukPbj61EKeU%2F4S1wq%2BJg%2FdJMM13Fg6n1Taa%2BcBjFqpno36nvIVgV5xzws7SefxPcm9vwNAwWmQhIhFGLQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e906dd3eba01772-FRA
cf-request-id
060e22f8710000177295a8e000000001
app.min.js
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/
264 KB
100 KB
Script
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1602775830
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71d0d9da7e6c5341ddf2cfcc5bf340b4b4aae5ed887117fb833ecfecdb62f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f87200000614f51a7000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"42086-5b1b754070083-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3eb790614-FRA
.js
js.hs-scripts.com/
0
0
Script
General
Full URL
http://js.hs-scripts.com/.js?integration=WordPress
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://www.ductorm.bar
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
3600
bundle.js
thenextweb.com/wp-content/plugins/wordlift/js/dist/
31 KB
11 KB
Script
General
Full URL
https://thenextweb.com/wp-content/plugins/wordlift/js/dist/bundle.js?ver=3.25.5.1
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccc1b7f0f66d94b6a1759d650010f55b7c3daa39a3bbee2c5b39860960d85c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
10
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
11168
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7cae-5b1b75190a0ba-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f87300001f19718fd000000001
accept-ranges
bytes
cf-ray
5e906dd3ee4d1f19-FRA
wordlift-cloud.js
thenextweb.com/wp-content/plugins/wordlift/js/dist/
555 KB
182 KB
Script
General
Full URL
https://thenextweb.com/wp-content/plugins/wordlift/js/dist/wordlift-cloud.js?ver=3.25.5.1
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e1041f89ecc1f666de7608606657ef7761d6c3531e44d25cd5a065b6fc8b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
10
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
185616
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8ad8a-5b1b751917b7b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f87400001f19691e9000000001
accept-ranges
bytes
cf-ray
5e906dd3ee4f1f19-FRA
underscore.min.js
thenextweb.com/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://thenextweb.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
10
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
5822
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"401a-5b1b751a54201-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f87400001f197ab18000000001
accept-ranges
bytes
cf-ray
5e906dd3ee501f19-FRA
facets.min.js
thenextweb.com/wp-content/plugins/elasticpress/dist/js/
2 KB
875 B
Script
General
Full URL
https://thenextweb.com/wp-content/plugins/elasticpress/dist/js/facets.min.js?ver=3.0.3
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b4a1e088e3899531742edae5d45f68f354230b926d5d6e9ded10b1766433c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
10
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
760
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"615-5b1b7518c3bb9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f87400001f1948861000000001
accept-ranges
bytes
cf-ray
5e906dd3ee521f19-FRA
deals-ribbon.svg
cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/
103 B
331 B
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/deals-ribbon.svg
Requested by
Host: cdn0.tnwcdn.com
URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1602775823
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
vary
Accept-Encoding
cf-request-id
060e22f87600000614fa9aa000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"67-5b1147a82c89c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
cf-ray
5e906dd3fb830614-FRA
wp-emoji-release.min.js
thenextweb.com/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://thenextweb.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ae6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
age
9
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
4382
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2efa-5b1b751a551a1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f8b400001f197539a000000001
accept-ranges
bytes
cf-ray
5e906dd45ebe1f19-FRA
ga-audiences
www.google.com/ads/
42 B
289 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=906514413&_u=aChAgUArQAQCAE~&z=1473079869
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
494 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=906514413&_u=aChAgUArQAQCAE~&z=1473079869
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
0
360 B
Image
General
Full URL
http://sync.search.spotxchange.com/partner?source=204258
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type
Audience DSP sync endpoint was unable to cookie the audience.
Date
Wed, 28 Oct 2020 00:09:36 GMT
X-fe
57
Connection
keep-alive
Content-Length
0
Server
nginx
Content-Type
text/plain
prebid.gz.js
cdn.elasticad.net/native/serve/js/quantx/
Redirect Chain
  • http://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3
  • https://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3
179 KB
56 KB
Script
General
Full URL
https://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
266010587b8b7d35e2a12291c7f2290e1d02c4071a7de00d86fde4a5a720270a

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JEJtN1w0e5HVCjNKCMJdWl3ri7UuWOqQ
Content-Encoding
gzip
Last-Modified
Mon, 17 Aug 2020 17:41:19 GMT
Server
AmazonS3
Age
41191
ETag
"38474576b8276f93b92c68d2dfcff56d"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Tue, 27 Oct 2020 12:43:06 GMT
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
57044
X-Amz-Cf-Id
STHi9C2G8swasc7vQzIOgCNRKGqXnfn0OccPrCrzAn7ulcr_7DMtJQ==

Redirect headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
Via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.elasticad.net/native/serve/js/quantx/prebid.gz.js?v=3
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Y8CQz2hUK_CvylNbqb0ULZ0KDqab6lUUyNhFcEOhmTKGSS5uqyT_Qg==
pconfig
d2lcoyv3ods5zz.cloudfront.net/native/placements/ductorm.bar/
0
0
Script
General
Full URL
http://d2lcoyv3ods5zz.cloudfront.net/native/placements/ductorm.bar/pconfig?r=0268d9759867d
Requested by
Host: cdn.elasticad.net
URL: http://cdn.elasticad.net/native/serve/js/quantx/nativeEmbed.gz.js
Protocol
HTTP/1.1
Server
2600:9000:214f:e200:1f:8262:97c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

event
api.stack-sonar.com/v1/
0
101 B
Image
General
Full URL
https://api.stack-sonar.com/v1/event?ts=1603843776055&_v=1.1.6&_c=stack-connect-wp&_a=xbcLoqGe2L037SCrJ_Im4A&_f=0&_u=http%3A%2F%2Fwww.ductorm.bar%2F&_r=&_x=0&_l=&_p=0&_z=1603843776771.837036993&_y=1603843776772.933177563&_t=1603843777&_s=send&_e=session-start
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.35.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-35-40.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 28 Oct 2020 00:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.14.1
vary
Origin
tag.aspx
ml314.com/
26 KB
12 KB
Script
General
Full URL
https://ml314.com/tag.aspx?2892020
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Oct 2020 16:51:34 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60117
Connection
keep-alive
Content-Length
11933
Expires
Wed, 28 Oct 2020 16:51:34 GMT
collect
www.google-analytics.com/j/
2 B
35 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1957294183&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.ductorm.bar%2F&ul=en-us&de=UTF-8&dt=TNW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JavaScript%20Errors&ea=Uncaught%20TypeError%3A%20%24%20is%20not%20a%20function&el=1%3A%20&_u=aDjAAUArQAQCAG~&jid=532352870&gjid=1704690205&cid=1685109724.1603843776&tid=UA-729494-4&_gid=1353716557.1603843777&_r=1&gtm=2wgae2MHDDSC&cm6=undefined&cm7=undefined&cm8=undefined&cm9=undefined&cm10=undefined&cm11=undefined&z=1463182860
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f91d.svg
s.w.org/images/core/emoji/11/svg/
3 KB
2 KB
Image
General
Full URL
https://s.w.org/images/core/emoji/11/svg/1f91d.svg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
7ee1662223f892e8cf30d85091cefb6abe381f25e2b2306b71c6566df95e6254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT fra 2
date
Wed, 28 Oct 2020 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jun 2018 13:09:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=532352870&gjid=1704690205&_gid=1353716557.1603843777&_u=aDjAAUArQAQCAG~&z=1028814222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Oct 2020 00:09:36 GMT
status
200
content-type
text/plain
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
gdpr-consent-tool.privacymanager.io/1/ Frame 0076
0
0
Document
General
Full URL
https://gdpr-consent-tool.privacymanager.io/1/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
gdpr-consent-tool.privacymanager.io
:scheme
https
:path
/1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ductorm.bar/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ductorm.bar/

Response headers

status
200
content-type
text/html
content-length
923
last-modified
Tue, 06 Oct 2020 06:06:30 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
FFOAub1wRgDo4sHUmOCw.LzCTeoB0IgN
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Oct 2020 00:06:41 GMT
etag
"e91b4eededf5f7e5d944ebea5811d2f0"
cache-control
must-revalidate,public,max-age=3600
x-cache
Hit from cloudfront
via
1.1 9680e9cb5cbc773ebfed1b7a558f7db6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
khpTnEb9uLS9wswgw-3ALFKAIposGLlXzxfbqTcLPuCkFLS1G6PM4Q==
age
178
ga-audiences
www.google.com/ads/
42 B
270 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=532352870&_u=aDjAAUArQAQCAG~&z=847342804
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
472 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-729494-4&cid=1685109724.1603843776&jid=532352870&_u=aDjAAUArQAQCAG~&z=847342804
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Netflix-Assassins-Creed-796x417.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
14 KB
14 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/Netflix-Assassins-Creed-796x417.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adcd76ce5fc0e051445687d585a9625d9069b92c58b637413a578b7547ada53f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
70
x-cache
HIT
status
200
content-length
14513
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"38b1-5b2ae773c396c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c10000061456aa9000000001
accept-ranges
bytes
cf-ray
5e906dd60e1c0614-FRA
Cyberpunk-2077-Keanu-Reeves-hed-796x419.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/06/
30 KB
30 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/06/Cyberpunk-2077-Keanu-Reeves-hed-796x419.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2f0bb78bf614fb44810d4209bf3c5ef4e0379b122747eed4c4619df37225b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
x-cache
HIT
status
200
content-length
31052
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"794c-58af1e07abb29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c200000614e3211000000001
accept-ranges
bytes
cf-ray
5e906dd60e1d0614-FRA
Snag_1f4c1746-518x270.png
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
33 KB
34 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/Snag_1f4c1746-518x270.png
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c660b952893bd73ebed871d9e8d27cd9b41943521be4c20055429a9aa13e6980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
102
x-cache
HIT
status
200
content-length
34200
cf-request-id
060e22f9c200000614f134d000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8598-5b2af7f9eca69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd60e1e0614-FRA
intelamd-480x270.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/07/
13 KB
13 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/07/intelamd-480x270.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328613d6b2da5cb73b416cda0a0f12cbd1b4cf963a217dc8bc91d1988b2caca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
21
x-cache
HIT
status
200
content-length
13307
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"33fb-5ab6a9cdd180e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c200000614ee246000000001
accept-ranges
bytes
cf-ray
5e906dd60e1f0614-FRA
google-logo-podium-540x270.png
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
114 KB
114 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/google-logo-podium-540x270.png
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94dcbac161d6f73e7ee0c84accb87422220dd392dc230e3c04ad93123b7fdabf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
46
x-cache
HIT
status
200
content-length
116274
cf-request-id
060e22f9c200000614e9b2c000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1c632-5b293bdd27d47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd60e200614-FRA
header-image-astrohaus-freewrite-traveler-516x270.png
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
29 KB
30 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/header-image-astrohaus-freewrite-traveler-516x270.png
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c10039b28431e709f69e17f9f7b80ebb7b2351aac01d44f0c2eec9d412d003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
3
x-cache
HIT
status
200
content-length
30205
cf-request-id
060e22f9c2000006141c0ee000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"75fd-5b2a7b7628ca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd60e230614-FRA
0-1-270x270.jpeg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
17 KB
17 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/0-1-270x270.jpeg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82b41dacba34cb0cf1d74ad455d311f885830417519c452100e797efe27895c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
27
x-cache
HIT
status
200
content-length
16994
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"4262-5b2a78d09c695"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c2000006141100c000000001
accept-ranges
bytes
cf-ray
5e906dd60e240614-FRA
image-1-11-516x270.png
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
65 KB
65 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/image-1-11-516x270.png
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82089ba3f908750d678924b84e9a8f3733e16b90a7ad647feac0d0312077bcfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
60
x-cache
HIT
status
200
content-length
66511
cf-request-id
060e22f9c300000614fcbed000000001
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"103cf-5b2a4b17df708"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=5184000, must-revalidate
accept-ranges
bytes
cf-ray
5e906dd60e250614-FRA
pexels-torsten-dettlaff-193003-1-540x270.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
16 KB
16 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/pexels-torsten-dettlaff-193003-1-540x270.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a795d327a165c832a98a787f9ca2342c34b5e24a00259b0be6d739d634ac6cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
60
x-cache
HIT
status
200
content-length
16564
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"40b4-5b29f84fa4b34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c3000006141bb6e000000001
accept-ranges
bytes
cf-ray
5e906dd60e270614-FRA
boat-yacht-super-electric-hybrid-travel-environment-economy-future-480x270.jpg
cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/
25 KB
25 KB
Image
General
Full URL
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2020/10/boat-yacht-super-electric-hybrid-travel-environment-economy-future-480x270.jpg
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52739e445776aa1a7dcdd6222d7d4b0c1974d4c6c1aa384ceb918997231c9388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
YES
age
16
x-cache
HIT
status
200
content-length
25166
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
cf-bgj
h2pri
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"624e-5b2a72581574e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
public, max-age=5184000, must-revalidate
cf-request-id
060e22f9c600000614ed1f9000000001
accept-ranges
bytes
cf-ray
5e906dd60e290614-FRA
utsync.ashx
ml314.com/
644 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80370&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=http%3A%2F%2Fwww.ductorm.bar%2F&pv=1603843777064_zqp39z14g&bl=en-us&cb=371041&return=&ht=&d=&dc=&si=1603843777064_zqp39z14g&cid=&s=1600x1200&rp=
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?2892020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1736ffa1736c0deac526df0aa36252b65583a471c6d05c5ae5bcfc2ab89005

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 00:09:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
465
Expires
0
ud.ashx
in.ml314.com/
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=2892020
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?2892020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.179.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-179-232.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Thu, 29 Oct 2020 00:09:37 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3614128376143937541&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3614128376143937541&redir=
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3614128376143937541&redir=
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v084-0f9459597.edge-irl1.demdex.com 5.78.2.20201014153347 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Odekpbo+RKI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
sbnpLg1NShs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3614128376143937541&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3614128376143937541
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNDEyODM3NjE0MzkzNzU0MRAAGg0Iwe3i_AUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=726498effa980625ac6165972aab9e67628118038108061bdfe11d66b35cdce2f4cb09cee1a4f8eb&person_id=3614128376143937541&eid=50082
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=726498effa980625ac6165972aab9e67628118038108061bdfe11d66b35cdce2f4cb09cee1a4f8eb&person_id=3614128376143937541&eid=50082
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Wed, 28 Oct 2020 20:09:37 GMT

Redirect headers

date
Wed, 28 Oct 2020 00:09:37 GMT
via
1.1 google
status
307
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=726498effa980625ac6165972aab9e67628118038108061bdfe11d66b35cdce2f4cb09cee1a4f8eb&person_id=3614128376143937541&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
csync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c68fecca-51ac-472a-880c-7c83a5772748
  • https://ml314.com/csync.ashx?fp=c68fecca-51ac-472a-880c-7c83a5772748&person_id=3614128376143937541&eid=53819
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=c68fecca-51ac-472a-880c-7c83a5772748&person_id=3614128376143937541&eid=53819
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Wed, 28 Oct 2020 20:09:37 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 00:09:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://ml314.com/csync.ashx?fp=c68fecca-51ac-472a-880c-7c83a5772748&person_id=3614128376143937541&eid=53819
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Wed, 28 Oct 2020 20:09:37 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3614128376143937541
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3614128376143937541
  • https://ml314.com/csync.ashx?fp=59b44ce6a4cb85137a467c200227c394&eid=50146&person_id=3614128376143937541
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=59b44ce6a4cb85137a467c200227c394&eid=50146&person_id=3614128376143937541
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Wed, 28 Oct 2020 20:09:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:37 GMT
status
302
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=59b44ce6a4cb85137a467c200227c394&eid=50146&person_id=3614128376143937541
cache-control
no-cache
x-server
10.45.19.40
content-length
0
expires
0
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
0
344 B
Image
General
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
Requested by
Host: www.ductorm.bar
URL: http://www.ductorm.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 00:09:37 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=r8hrb20&t=gif
Date
Wed, 28 Oct 2020 00:09:37 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
state
api.permutive.com/v1.0/
0
106 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=d6c42980-42e9-4537-93f1-f2c3fd326c4a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Jetty(9.4.31.v20200723) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 00:09:37 GMT
content-encoding
gzip
server
Jetty(9.4.31.v20200723)
status
200
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
access-control-allow-origin
http://www.ductorm.bar
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
20
via
1.1 google
events
api.permutive.com/v2.0/batch/
101 B
368 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=d6c42980-42e9-4537-93f1-f2c3fd326c4a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/970c370e-66b5-4cc7-ad17-1d370e11bf75-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
39553e766bd9220322eec74860baab61819292edad3120938774709121e10f60

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 00:09:37 GMT
content-encoding
gzip
server
Permutive
status
200
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
http://www.ductorm.bar
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
112
via
1.1 google
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3229256b90b2c434b134369947ae0f324f84b4ea4b07a2e59600e22fa0210eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 00:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6475
x-xss-protection
0
collect
www.google-analytics.com/
35 B
81 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://www.ductorm.bar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 00:09:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame F4E3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ductorm.bar/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ductorm.bar/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Tue, 27 Oct 2020 23:31:28 GMT
expires
Wed, 27 Oct 2021 23:31:28 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2290
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=2199584450450273&bg=!09Cl0PDNAAVp0lmVaVjYWCZlO-96TgIAAABPUgAAAAwKAZbgt_f5ScFA_JzNUvnwdr3o9QJoT0EdFKG-lq37w_vZT32M-jLPNlhWAM1df3-3ierQF5OFS32hiZbpgOOO0m7wI0bsmJgCStkn059OQCUwRS3QLtvkVCqSrkgHuSgsaymBlnYXL9PNvh-Lkxum8xXIiRbPVfF-eGtHJbXsYrCPJE_Ga0UCD8_fb88MklR4XEQ6nJ2skHi7mCOHc4QvbSyuk_m56SVn8VPeECSkLKQSGLkuyMpYtNAJDHBdMfpy7pvBZZPV7owl-wt0KywFo4rjE1mT1QZOwQm6p5ylBsmhQ6fV7aKmcgjVxonoFFxyjg61fUkdV-EYX0O-yhOvbK_jq8nrOBuPU18UnpoGeXvj5f1TE0GQ0GrJh7kr0Ix0XgpgqN-CPdQSOUOteTh0EcSw8YDwTMy9u_tH6-JfwEU_xEC6fG3u_KRRLd0wJWzHyw3H98_suUtMRcyR0yoWfYM1xhtMjeSFlm1kly0xQw3c6C-9rsZBiS2DKQi1n1J74lJaiSu4QFdawfrIggxoZtYxgCwtjqBYmQGnlw8xXnUMVOxQWJikUHsQtwgkffWKU51QBBYEIeaaANIDaj8ENGbi9DvmD61N1oqCgr4PccbOVRMqLWNNl5n6KeRnn_bxBQG6br_9yJG3nvJcmAoc3WI33WOa-wXxnD_1YX_ZfIbuTeL3n4PXv6t_y6gKm3-O5SkZZvkacAmmpXLqZBIyAEsxmBP8tdOobiz7oKb86YXAK7_lgaeszm1dSigM343TF7wdqyO5MR76kebshWHXK3fz93qGQKHQKYYqEtGh_WBvrj2iEku3EeldXK1DelZfNh6Yiu55aKJOCtHDhz-TP-GnFWXZdSyCVdYC9L8C67Hyf3hwmEHkCw712-cEL3eOvW7hyqaKof7OG-MG4LZGdHWDv8YiJyLOvrPkkowrAO-ZiwBCfjenEoST0cl7qXjHYm0J7AFgwTy1xQ859WSSyjU2MA2YF_01FdOyXk4xLR-Rtg973k21CfMKd1XgfMbKa621oW0feOsTgi_g4MZGmqa43w_rGuUfnEenCsh2xBk41sPWJrDH_-U1M8od8ZaJIl0ZRh2LnsdZh1Wa6vAUkqeF
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 00:09:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.build.json
cdn.acsbapp.com/cache/app/ductorm.bar/
0
126 B
XHR
General
Full URL
https://cdn.acsbapp.com/cache/app/ductorm.bar/en.build.json
Requested by
Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.197.211 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
accessibe-lb-nyc1.jetserver.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Oct 2020 00:09:40 GMT
server
nginx
x-cache-status
MISS
status
200
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
*
content-length
0
/
acsbapp.com/apps/app/
128 B
331 B
XHR
General
Full URL
https://acsbapp.com/apps/app/?options=%7B%22statementLink%22%3A%22%22%2C%22feedbackLink%22%3A%22%22%2C%22footerHtml%22%3A%22%22%2C%22hideMobile%22%3Afalse%2C%22hideTrigger%22%3Afalse%2C%22language%22%3A%22en%22%2C%22position%22%3A%22right%22%2C%22leadColor%22%3A%22%23146FF8%22%2C%22triggerColor%22%3A%22%23146FF8%22%2C%22triggerRadius%22%3A%2250%25%22%2C%22triggerPositionX%22%3A%22right%22%2C%22triggerPositionY%22%3A%22bottom%22%2C%22triggerIcon%22%3A%22default%22%2C%22triggerSize%22%3A%22medium%22%2C%22triggerOffsetX%22%3A20%2C%22triggerOffsetY%22%3A20%2C%22mobile%22%3A%7B%22triggerSize%22%3A%22small%22%2C%22triggerPositionX%22%3A%22right%22%2C%22triggerPositionY%22%3A%22bottom%22%2C%22triggerOffsetX%22%3A0%2C%22triggerOffsetY%22%3A0%2C%22triggerRadius%22%3A%220%22%7D%7D
Requested by
Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.197.211 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
accessibe-lb-nyc1.jetserver.net
Software
nginx /
Resource Hash
4d9def6b1543bbc39fe916a6314a4debbfac5a0f9bc7ab470d357431292cf8e4

Request headers

Referer
http://www.ductorm.bar/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Oct 2020 00:09:40 GMT
content-encoding
br
server
nginx
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache
access-control-allow-headers
*
content-length
104

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| trustedTypes function| $ function| jQuery string| StackSonarObject function| stackSonar object| msTag boolean| ms_debug string| _seedTagId object| googletag number| sheetNumber undefined| gdpr undefined| iab_string object| pbjs object| BottomDesktopSizes object| BottomMobileSizes object| RosHeaderDesktopSizes object| RosHeaderMobileSizes object| HomeHeaderDesktopSizes object| HomeHeaderMobileSizes object| RosTopDesktopSizes object| RosTopMobileSizes object| RosMpuSizes object| TNW_HOME_BOTTOM_SLOT object| TNW_ROS_HEADER_SLOT object| TNW_HOME_HEADER_SLOT object| TNW_ROS_TOP_SLOT object| TNW_ROS_MPU_ATF_SLOT object| TNW_ROS_MPU_BTF_SLOT object| adUnits number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT number| DefM number| bidCap function| initAdserver object| gptadslots function| loadExtraSlots undefined| consentForAds boolean| adsLoaded function| checkConsent string| assertive_entityId number| assertive_debug number| assertive_sampleRate number| assertive_timeout object| assertive_layout string| assertive_userState object| assertive_custom_1 object| assertive_custom_2 object| assertive_custom_3 object| assertive_custom_4 object| assertive_custom_5 function| loadNeustar function| loadFaktor object| BottomSizes object| RosHeaderSizes object| HomeHeaderSizes object| RosTopSizes object| dataLayer boolean| IS_MOBILE object| APP_LOCALE object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| permutive object| Modernizr function| google_spfd object| google_sv_map function| pbjsChunk object| _pbjsGlobals object| google_tag_manager object| google_tag_data function| getCookie function| setCookie string| GoogleAnalyticsObject function| ga function| defer function| runTest function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| permutiveWebpack object| cmp object| gdprConfiguration object| node function| __tcfapi object| gaplugins object| ean function| IsNative function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| wpJsonpLiverampGdprCmp function| giveConsent334542ce585e1076 object| gaData boolean| adBlocker object| APP_ENV function| getTheCookie object| _wpemojiSettings object| leadin_wordpress object| wlSettings object| wordliftAnalyticsConfigData object| wordliftAnalyticsEntityData object| wlCloudContextCards object| wordliftCloud function| _ boolean| adnxsDomReady object| eanpbjs object| _ml object| google_optimize function| onYouTubeIframeAPIReady function| labnolThumb function| labnolIframe object| app object| cyberdelia function| Clipboard object| Handlebars function| Waypoint function| PhotoSwipe function| PhotoSwipeUI_Default function| postscribe object| debounceTimer object| twemoji object| wp string| waypointContextKey function| eanpbjsChunk object| EJS object| acsb object| acsbJS object| AccessiBe object| _0x8ae3 boolean| acsbInited boolean| acsbPendingLoad object| GoogleGcLKhOms object| google_image_requests object| EJSEventListeners

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ductorm.bar/ Name: _gat_UA-729494-4
Value: 1
.ductorm.bar/ Name: _scs
Value: 1603843776772.933177563
.ductorm.bar/ Name: _gid
Value: GA1.2.1353716557.1603843777
www.ductorm.bar/ Name: gdpr-auditId
Value: 07191f19-bd8c-4ba6-a1d5-da8dd7f680f5
.ductorm.bar/ Name: _ga
Value: GA1.2.1685109724.1603843776
.ductorm.bar/ Name: AMP_TOKEN
Value: %24NOT_FOUND
www.ductorm.bar/ Name: tnw_morph
Value: 1304850990
www.ductorm.bar/ Name: geo-location
Value: {"country":"CZ","region":"10"}
www.ductorm.bar/ Name: tlv
Value: 2020-10-28T01:09:36.301+01:00
.ductorm.bar/ Name: _scp
Value: 1603843776771.837036993
.ductorm.bar/ Name: __gads
Value: ID=a25b5397bb69c635-228aeacf5ca60066:T=1603843776:RT=1603843776:S=ALNI_Mbl6BUw4eYhYMRasV9Ky8YOh5g8zw
www.ductorm.bar/ Name: tfv
Value: 2020-10-28T01:09:36.288+01:00
.ductorm.bar/ Name: permutive-session
Value: %7B%22session_id%22%3A%22970ba01a-19a7-4e77-bd43-e74e12cbe02a%22%2C%22last_updated%22%3A%222020-10-28T00%3A09%3A36.353Z%22%7D
.ductorm.bar/ Name: _gcl_au
Value: 1.1.839881238.1603843776
.ductorm.bar/ Name: _dc_gtm_UA-729494-4
Value: 1
.ductorm.bar/ Name: __cfduid
Value: dd6d1f60a5ed5ba37860e48cccfdb674d1603843774

6 Console Messages

Source Level URL
Text
console-api log URL: https://thenextweb.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: http://massariuscdn.com/prod/prebid4.3-sovrn.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1602775830(Line 1)
Message:
Hi cyber-space traveller. Maybe you want to see our cyberdelia.menu().
console-api log URL: http://massariuscdn.com/pubs/tnw/tnw_hb_setup.js(Line 23)
Message:
[object Object]
console-api log URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1602775830(Line 1)
Message:
%c Welcome to TNW border-left: 5px solid #FF4422; color: #f3f6f8; background: #2a3b44; font-family: Monaco; padding: 0 2px 1px; border-radius: 3px;
console-api log URL: https://acsbap.com/apps/app/assets/js/acsb.js(Line 1)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbap.com
acsbapp.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.permutive.com
api.stack-sonar.com
cdn.acsbapp.com
cdn.elasticad.net
cdn.jsdelivr.net
cdn.permutive.com
cdn0.tnwcdn.com
d2lcoyv3ods5zz.cloudfront.net
dpm.demdex.net
gdpr-consent-tool.privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
img-cdn.tnwcdn.com
in.ml314.com
js.hs-scripts.com
massariuscdn.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
partner.googleadservices.com
ps.eyeota.net
s.w.org
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.search.spotxchange.com
thenextweb.com
tpc.googlesyndication.com
www.ductorm.bar
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.stack-sonar.com
104.19.150.54
142.93.197.211
143.204.201.123
143.204.201.99
172.217.23.130
185.94.180.126
192.0.77.48
206.189.189.226
2600:9000:20d7:1a00:11:2a6a:9480:93a1
2600:9000:20d7:1c00:16:f82a:8600:93a1
2600:9000:20d7:4000:a:b6fc:9800:93a1
2600:9000:214f:e200:1f:8262:97c0:21
2606:4700:3034::ac43:abe0
2606:4700:3037::681b:8cb9
2606:4700::6811:d3cc
2606:4700::6812:1769
2606:4700::6813:ae6f
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::200e
2a00:1450:4001:816::2001
2a00:1450:4001:816::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2002
2a00:1450:400c:c08::9c
2a04:4e42:3::621
3.121.27.153
3.250.252.43
3.89.179.232
34.107.254.252
34.120.207.148
34.195.35.40
37.252.172.36
52.30.140.199
52.49.73.64
54.77.58.217
65.9.190.98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0610c667303a87b45a198d81279a250a787f2ec3080a359a0efd716e4a6c9892
0a0caa7f2c3dda6f0b39dec629aec475f2f27073521b660a85a0812ab572b243
12593a67910dec9dc1e0e5f56bb51d3aba370308dc11a7bda603f9fb9da843d0
1381d6f27e58deb7f41ed75f3906cefa0a211e06b3152b5b87e3fe5329aa2cba
15397b34a2486670a0010dc9d02eced53588db4a495fcc2104be45cefaf06571
157e106b9a8de79d7ae828065c91b240e57de111f77c25d91bd11554e2b6acff
169b7364dbc7ec39c1854b8f3f32494fbc95b141256335e30277b2150c49a16e
1c2723ad746207b0b451aec197cd753e1f79b052e2faf90bbe6ab7220cf21b34
22b4a1e088e3899531742edae5d45f68f354230b926d5d6e9ded10b1766433c4
23c10039b28431e709f69e17f9f7b80ebb7b2351aac01d44f0c2eec9d412d003
2617f853ce2aba81506f0216ea94dc22ef468b70d9487868ccf3cddf5bf0f0a4
265e8d8e3675d187a0969a0bf44266d1ac4477cb71f2fe91ba6b93e82a2536ee
266010587b8b7d35e2a12291c7f2290e1d02c4071a7de00d86fde4a5a720270a
2ad2f4a41be0467f37700a089ed820245134803c9a2893c15774066638830e88
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3229256b90b2c434b134369947ae0f324f84b4ea4b07a2e59600e22fa0210eaa
328613d6b2da5cb73b416cda0a0f12cbd1b4cf963a217dc8bc91d1988b2caca8
350b3fd2c9fd85e57d9b671154fe97578e582e74ee1fc8afa87062b1faf75a36
353359acf186f7fffc2100f5827d87259ab502aa61fe1e83e46f9cbd77589568
390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb
39553e766bd9220322eec74860baab61819292edad3120938774709121e10f60
3ae7369c5505d7e8e8127e757f7a34855e3c11613e49b44120c94c02258a3c9c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d6f9711e0b89931512ec47583e3b7014826651e1b9bb706634a712a1106439f
4d9def6b1543bbc39fe916a6314a4debbfac5a0f9bc7ab470d357431292cf8e4
4dfcf14639c3e2c0a1a3bbdaf8ae82ac60f09aa6d0d7ff0f5a266817576ca35d
4f2f0bb78bf614fb44810d4209bf3c5ef4e0379b122747eed4c4619df37225b2
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
5216fcdc6d278ba8cce42f910754b33365608bcba89401423816cc2b7b28f161
52739e445776aa1a7dcdd6222d7d4b0c1974d4c6c1aa384ceb918997231c9388
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a1736ffa1736c0deac526df0aa36252b65583a471c6d05c5ae5bcfc2ab89005
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63dfba878534f6a505c5bf32607c690631d6e47725661b2be0b3927f4ee1406b
710353b5dc82107d4a281beea246c50b540ee446079bfab9521782720fd3deba
7837219984fcedfda0cd8b4e5ea4dfc69828d731d576ce3e5d726df2ac94952b
7d4c37ba884ed738a2e11d5d18fdb28fb6c3bd77e3c60be74dfd3e25381b853b
7ee1662223f892e8cf30d85091cefb6abe381f25e2b2306b71c6566df95e6254
809d94117440dbd3a55d83820db263193ea565950e0caa9ecf58145d62ddef15
82089ba3f908750d678924b84e9a8f3733e16b90a7ad647feac0d0312077bcfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9165ef796522680a8f441a47222a0dd781d7df5e929bece2dfdfa66df6b5fea6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
94dcbac161d6f73e7ee0c84accb87422220dd392dc230e3c04ad93123b7fdabf
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9ac2bcfe779bb9859085ac9a6b857b3e1806834eeb2410c29220bded3cee5df0
9c3ba53833b9798ad217eeeb508db5afdd46ec9636a03593161faf4d7983a7fe
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
a0e1041f89ecc1f666de7608606657ef7761d6c3531e44d25cd5a065b6fc8b49
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a666a979b0a34342ab9396f175ef2ab23f6b6806c3ac88302c156ab7d98eef8e
a795d327a165c832a98a787f9ca2342c34b5e24a00259b0be6d739d634ac6cdb
a8da1af8589b29ace0da06a885d0f1fb9fc4d43ab65eeafca2255eb6442114bd
adcd76ce5fc0e051445687d585a9625d9069b92c58b637413a578b7547ada53f
b0e0c8467f3149a324a72e7c918519dff8ea9bf7f1806675d72918a2b4d88315
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6af88b1d89db29083d352d6faa95312e6274d8105c28d59baee5a8ebc77f481
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
c660b952893bd73ebed871d9e8d27cd9b41943521be4c20055429a9aa13e6980
c82b41dacba34cb0cf1d74ad455d311f885830417519c452100e797efe27895c
c840aa2867af17c031f5cb6f84beb8778aae6bfea4c406bf03bdfad8ebd70a7c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cccc1b7f0f66d94b6a1759d650010f55b7c3daa39a3bbee2c5b39860960d85c6
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171
dd0ffb801525d07f536e396c4f4dcafcc81aa1a90d3e402b6521a116ce8f959d
de133925b660ae2bcf6f7f675b1db8923d94a59b0606ea5413769466e1b6e520
de1d50571313420ddc3b814ba55372e6ae702adee8cbbe7ee18c7dc7d8e4114e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e391cab635634a5f5456b9309c8eede3ed3e496b954d70eb26b2903c04411ca2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e06707fff542a2cbd6c23611f4806373df9b0b322755c5b5d43b940920688c
ee0157849d937bcf6db427f4b1a5985304cc3505a33a6cfc504a11c71c605246
ee7afd8920c90a73afbe0cda91884dc11afe0a2c2c18477f94678e40d74d6e06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5924387faf7b5000e8c554f08e45c8869a6a2cf669a109a09ef6b14a602c2
f71d0d9da7e6c5341ddf2cfcc5bf340b4b4aae5ed887117fb833ecfecdb62f94
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
ffb179007f1261c9a1dbc3ae53dda0400c6ebda26ce176d21d40b84160b2000c