shiftntp.com Open in urlscan Pro
172.67.214.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shiftntp.com/
Effective URL:
https://shiftntp.com/
Submission: On June 06 via manual (June 6th 2024, 11:53:05 pm UTC) from US — Scanned from DE

Summary HTTP 167 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 33 domains to perform 167 HTTP transactions. The main IP is 172.67.214.207, located in United States and belongs to CLOUDFLARENET, US. The main domain is shiftntp.com. The Cisco Umbrella rank of the primary domain is 54538.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.

This is the only time shiftntp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	172.67.214.207 172.67.214.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	2606:4700:10:... 2606:4700:10::6816:151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	104.70.85.86 104.70.85.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
6	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
4	172.67.149.20 172.67.149.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.32 18.66.192.32	16509 (AMAZON-02) (AMAZON-02)
3	65.108.134.244 65.108.134.244	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	54.230.228.76 54.230.228.76	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.49 18.66.192.49	16509 (AMAZON-02) (AMAZON-02)
3	23.32.101.241 23.32.101.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2606:4700:20:... 2606:4700:20::681a:e94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	95.101.149.114 95.101.149.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:225... 2600:9000:225b:8000:1e:b6b1:7b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100::210:6e1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:11::215:14d8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.213.161.205 23.213.161.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:26d... 2600:9000:26db:4000:1c:5a8a:b300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:186::31ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.48.23.11 23.48.23.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2b11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	104.102.44.114 104.102.44.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:237... 2600:9000:237d:c000:10:f12b:3700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.53.42.153 23.53.42.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	193.201.168.19 193.201.168.19	21192 (DPA-AS) (DPA-AS)
1	2a02:26f0:480... 2a02:26f0:480:99a::231f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.173.187.70 18.173.187.70	16509 (AMAZON-02) (AMAZON-02)
2	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
167	41

17 172.67.214.207 (United States)

ASN13335 (CLOUDFLARENET, US)

shiftntp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2606:4700:10::6816:151 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.85.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-85-86.deploy.static.akamaitechnologies.com

olntptiles.tiles.ampfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.149.20 (United States)

ASN13335 (CLOUDFLARENET, US)

srm8plmyisn9d7dyn.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.108.134.244 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.134.108.65.clients.your-server.de

api.assertcom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-76.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-49.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.101.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-101-241.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e94 (United States)

ASN13335 (CLOUDFLARENET, US)

www.karlsruhe-insider.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-114.deploy.static.akamaitechnologies.com

www.faz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:8000:1e:b6b1:7b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sueddeutsche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::210:6e1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p6.focus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:11::215:14d8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.prod.www.spiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.161.205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-205.deploy.static.akamaitechnologies.com

image.brigitte.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:4000:1c:5a8a:b300:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d9b (United States)

ASN13335 (CLOUDFLARENET, US)

media.tag24.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:186::31ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media0.faz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-11.deploy.static.akamaitechnologies.com

images.bild.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2b11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.chip.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY, US)

img.zeit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.44.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-44-114.deploy.static.akamaitechnologies.com

www.swr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:c000:10:f12b:3700:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.wunderweib.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.42.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-153.deploy.static.akamaitechnologies.com

i.computer-bild.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.201.168.19 (Germany)

ASN21192 (DPA-AS, DE)
PTR: polizeipresse.de

www.presseportal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:99a::231f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.ndr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-70.muc50.r.cloudfront.net

www.rtl.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	onenews.com cdn.onenews.com — Cisco Umbrella Rank: 14342	418 KB
20	gstatic.com fonts.gstatic.com t0.gstatic.com	135 KB
17	shiftntp.com shiftntp.com — Cisco Umbrella Rank: 54538	919 KB
10	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2145 widget-pixels.outbrain.com — Cisco Umbrella Rank: 5040 mv.outbrain.com — Cisco Umbrella Rank: 2828 mcdp-nydc1.outbrain.com	110 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	174 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	344 KB
4	spiegel.de cdn.prod.www.spiegel.de — Cisco Umbrella Rank: 51224	554 KB
4	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 12808 log.outbrainimg.com — Cisco Umbrella Rank: 3828 images.outbrainimg.com — Cisco Umbrella Rank: 3526	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
4	ay.delivery srm8plmyisn9d7dyn.ay.delivery — Cisco Umbrella Rank: 20484	174 KB
3	assertcom.de api.assertcom.de — Cisco Umbrella Rank: 10341	919 B
2	zeit.de img.zeit.de — Cisco Umbrella Rank: 131331	105 KB
2	bild.de images.bild.de — Cisco Umbrella Rank: 47269	228 KB
2	sueddeutsche.de www.sueddeutsche.de — Cisco Umbrella Rank: 112736	346 KB
2	faz.net www.faz.net — Cisco Umbrella Rank: 100599 media0.faz.net — Cisco Umbrella Rank: 108209	400 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
1	rtl.de www.rtl.de — Cisco Umbrella Rank: 333531	76 KB
1	ndr.de www.ndr.de — Cisco Umbrella Rank: 143127	37 KB
1	presseportal.de www.presseportal.de — Cisco Umbrella Rank: 383099	138 KB
1	computer-bild.de i.computer-bild.de — Cisco Umbrella Rank: 264718	276 KB
1	wunderweib.de images.wunderweib.de	196 KB
1	swr.de www.swr.de — Cisco Umbrella Rank: 143936	286 KB
1	chip.de www.chip.de — Cisco Umbrella Rank: 137003	2 MB
1	tag24.de media.tag24.de — Cisco Umbrella Rank: 318509	110 KB
1	t-online.de images.t-online.de — Cisco Umbrella Rank: 89478	103 KB
1	brigitte.de image.brigitte.de — Cisco Umbrella Rank: 562830	145 KB
1	focus.de p6.focus.de — Cisco Umbrella Rank: 74871	74 KB
1	karlsruhe-insider.de www.karlsruhe-insider.de — Cisco Umbrella Rank: 696478	157 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3438	233 B
1	google.de www.google.de — Cisco Umbrella Rank: 8139	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3163	251 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
1	ampfeed.com olntptiles.tiles.ampfeed.com — Cisco Umbrella Rank: 59048	206 B
167	33

	Domain	Requested by
63	cdn.onenews.com	shiftntp.com cdn.onenews.com srm8plmyisn9d7dyn.ay.delivery
17	shiftntp.com	cdn.onenews.com
16	t0.gstatic.com
5	widgets.outbrain.com	cdn.onenews.com srm8plmyisn9d7dyn.ay.delivery
5	www.googletagmanager.com	cdn.onenews.com shiftntp.com www.googletagmanager.com
4	cdn.prod.www.spiegel.de
4	fonts.gstatic.com	fonts.googleapis.com
4	srm8plmyisn9d7dyn.ay.delivery	cdn.onenews.com
3	stats.g.doubleclick.net	www.googletagmanager.com cdn.onenews.com
3	api.assertcom.de	srm8plmyisn9d7dyn.ay.delivery cdn.onenews.com
3	www.google-analytics.com	www.googletagmanager.com cdn.onenews.com
3	securepubads.g.doubleclick.net	securepubads.g.doubleclick.net cdn.onenews.com
2	images.outbrainimg.com
2	mcdp-nydc1.outbrain.com	cdn.onenews.com
2	mv.outbrain.com	srm8plmyisn9d7dyn.ay.delivery
2	img.zeit.de
2	images.bild.de
2	www.sueddeutsche.de
1	www.rtl.de
1	www.ndr.de
1	www.presseportal.de
1	i.computer-bild.de
1	images.wunderweib.de
1	www.swr.de
1	www.chip.de
1	media0.faz.net
1	media.tag24.de
1	images.t-online.de
1	image.brigitte.de
1	p6.focus.de
1	www.faz.net
1	www.karlsruhe-insider.de
1	log.outbrainimg.com	cdn.onenews.com
1	widget-pixels.outbrain.com
1	tcheck.outbrainimg.com	cdn.onenews.com
1	vc.hotjar.io	cdn.onenews.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	srm8plmyisn9d7dyn.ay.delivery
1	www.google.de
1	region1.analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.googleapis.com	cdn.onenews.com
1	olntptiles.tiles.ampfeed.com	cdn.onenews.com
167	43

This site contains links to these domains. Also see Links.

Domain
www.gesundheitswissenaktuell.com
www.outbrain.com

Subject Issuer	Validity	Valid
shiftntp.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh
cdn.onenews.com E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.tiles.ampfeed.com DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-18`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
ay.delivery GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
api.assertcom.de R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.google.de WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
karlsruhe-insider.de GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
www.faz.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-15` - `2025-04-15`	a year	crt.sh
www.sueddeutsche.de Amazon RSA 2048 M02	`2024-05-31` - `2025-06-29`	a year	crt.sh
*.focus.de DigiCert TLS RSA SHA256 2020 CA1	`2024-03-08` - `2025-03-10`	a year	crt.sh
cdn.prod.www.spiegel.de R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
www.guj.digital R3	`2024-04-01` - `2024-06-30`	3 months	crt.sh
images.t-online.de Amazon RSA 2048 M02	`2024-05-25` - `2025-06-22`	a year	crt.sh
tag24.de GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
images.bild.de R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.chip.de DigiCert TLS RSA SHA256 2020 CA1	`2024-03-08` - `2025-03-08`	a year	crt.sh
*.zeit.de GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-05-19` - `2025-06-20`	a year	crt.sh
www.swr.de DigiCert TLS RSA SHA256 2020 CA1	`2024-06-04` - `2024-11-20`	6 months	crt.sh
images.xceler8.io Amazon RSA 2048 M03	`2024-03-21` - `2025-04-20`	a year	crt.sh
i.computer-bild.de R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.presseportal.de RapidSSL TLS RSA CA G1	`2023-06-06` - `2024-07-06`	a year	crt.sh
www.ndr.de R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.aws-prod.rtl.de Amazon RSA 2048 M02	`2024-04-08` - `2025-05-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://shiftntp.com/
Frame ID: 892E490782848490BE41C7B252708936
Requests: 166 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WNFNMPW
Frame ID: 4F750C86BF500ED100AD0F8B964D2BF9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fshiftntp.com
Frame ID: AA76DDC07D834EED1AFEC1A3E00E0FF6
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 7BAEA99BF2ECB259E8284F041A124064
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shift News - The Latest News Sports, and Weather

Page URL History Show full URLs

http://shiftntp.com/ HTTP 307
https://shiftntp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Page Statistics

167
Requests

100 %
HTTPS

45 %
IPv6

33
Domains

43
Subdomains

41
IPs

4
Countries

7313 kB
Transfer

12208 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gesundheitswissenaktuell.com/2022_methode/obnew?obOrigUrl=true
Title: Es ist wie eine Hochdruckreinigung für die Leber gesundheitswissenaktuell.com

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shiftntp.com/ HTTP 307
https://shiftntp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

167 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
shiftntp.com/
Redirect Chain

http://shiftntp.com/
https://shiftntp.com/

4 KB
2 KB

724ms
680ms

Document
text/html

172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Nuxt
Resource Hash: 0e4efe8202edd33f4d6b956b964dc4d409ef4ef3526f9cef79ab594d1921b0e3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88fc51b65d228fd1-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 06 Jun 2024 23:52:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CU5TwS2zpGlgW2wVPp83ArojRstA%2F%2FpF3%2FloEDPm8Wg6gbvHu2aO2Hl2M9fLapW%2FnNwaEBWFI%2BdDiC9WPi5Lxb8eb1oeCyeq8oytXVUjhzdNaKaMWfxJBLmzbRAKwAs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Nuxt

Redirect headers

Location: https://shiftntp.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 entry.1xba8bO2.css
cdn.onenews.com/public/_nuxt/ 401 KB
44 KB 104ms
46ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/entry.1xba8bO2.css
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d2cb31b63a5d5a61a1dd4df5de3277688eab2cd38a60f3193ad0e9a27df9b1b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 29 May 2024 18:10:17 GMT
server: cloudflare
age: 1866
etag: W/"660d71108de9132fa9c25c4b97a8f654"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bafe97381f-FRA

GET
H2 200 8QgVgQtc.js Show response
cdn.onenews.com/public/_nuxt/ 478 KB
163 KB 282ms
224ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d2f9aa34eb4db894efc76643e7169470f04190d06ef498cb36865563e82a6e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:01 GMT
server: cloudflare
etag: W/"d2fd5ee71b2b3b6bd1198c03201c1da0"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bafdac2c79-FRA

GET
H2 200 DCb5wjPV.js
cdn.onenews.com/public/_nuxt/ 0
332 B 230ms
229ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DCb5wjPV.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:13 GMT
server: cloudflare
etag: W/"113781a3c5ec17be61c8ef778a1e56c1"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb4ddf2c79-FRA

GET
H2 200 Bz4MvDci.js
cdn.onenews.com/public/_nuxt/ 0
345 B 265ms
262ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Bz4MvDci.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:07 GMT
server: cloudflare
etag: W/"d24e5dcaf03159cf890451f74a8ad034"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5de72c79-FRA

GET
H2 200 custom.BGf8sgk9.css
cdn.onenews.com/public/_nuxt/ 0
32 KB 44ms
41ms Other
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/custom.BGf8sgk9.css
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:10 GMT
server: cloudflare
age: 1816
etag: W/"af6ee661c153773f7d3939ad28ae104c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f19381f-FRA

GET
H2 200 DScZOgvn.js
cdn.onenews.com/public/_nuxt/ 0
1 KB 409ms
406ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DScZOgvn.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:14 GMT
server: cloudflare
etag: W/"8f3202aeae039bb577caa9e95f6aeaf8"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5dea2c79-FRA

GET
H2 200 Btc6o49h.js
cdn.onenews.com/public/_nuxt/ 0
730 B 226ms
223ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Btc6o49h.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:06 GMT
server: cloudflare
etag: W/"c470e492214ce5fb0f84f0d6872fd09b"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5deb2c79-FRA

GET
H2 200 B9MrDChp.js
cdn.onenews.com/public/_nuxt/ 0
294 B 46ms
44ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/B9MrDChp.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 May 2024 20:52:03 GMT
server: cloudflare
age: 4364
etag: W/"04a4772fc4bb441cefa3afcec5553e6d"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5dec2c79-FRA

GET
H2 200 default.7VmJqvvL.css
cdn.onenews.com/public/_nuxt/ 0
32 KB 46ms
43ms Other
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/default.7VmJqvvL.css
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:09 GMT
server: cloudflare
age: 1816
etag: W/"497809a8d8cb0bc17e5de370daa4b5c7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f1b381f-FRA

GET
H2 200 Searchbox.D6oneoNL.css
cdn.onenews.com/public/_nuxt/ 0
33 KB 65ms
62ms Other
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Searchbox.D6oneoNL.css
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:08 GMT
server: cloudflare
age: 1816
etag: W/"06e4841fc46ad80b2d9c9be372518e5b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f1d381f-FRA

GET
H2 200 lEV0DFed.js
cdn.onenews.com/public/_nuxt/ 0
2 KB 218ms
216ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/lEV0DFed.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:23 GMT
server: cloudflare
etag: W/"3b65872e61f08f0ec78d2bb0d2142f0a"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5ded2c79-FRA

GET
H2 200 uOXjusci.js
cdn.onenews.com/public/_nuxt/ 0
3 KB 41ms
39ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/uOXjusci.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 May 2024 20:52:24 GMT
server: cloudflare
age: 4364
etag: W/"7bbacac38393455f145766cf22674d26"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5dee2c79-FRA

GET
H2 200 BvXFuFJw.js
cdn.onenews.com/public/_nuxt/ 0
1 KB 37ms
34ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BvXFuFJw.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:20 GMT
server: cloudflare
age: 4363
etag: W/"70dbbbbfed55e6bfc7874ca7d0059f34"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5def2c79-FRA

GET
H2 200 DBMy5ybd.js
cdn.onenews.com/public/_nuxt/ 0
344 B 224ms
222ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DBMy5ybd.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:12 GMT
server: cloudflare
etag: W/"c57aec2477e08555d1c24066c3d0bbb5"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5df12c79-FRA

GET
H2 200 DMCCv3L_.js
cdn.onenews.com/public/_nuxt/ 0
502 B 226ms
224ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DMCCv3L_.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:23 GMT
server: cloudflare
etag: W/"c4fbda7bd794d4aec890733a4d7270c2"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5df32c79-FRA

GET
H2 200 Da2SryCc.js
cdn.onenews.com/public/_nuxt/ 0
31 KB 234ms
232ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Da2SryCc.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:24 GMT
server: cloudflare
etag: W/"c2ad6446247bbad62d25af346da5feff"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e002c79-FRA

GET
H2 200 C_MtLdZO.js
cdn.onenews.com/public/_nuxt/ 0
420 B 245ms
243ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/C_MtLdZO.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:09 GMT
server: cloudflare
etag: W/"b5dee43739312900fc491c167c3c0a0f"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e032c79-FRA

GET
H2 200 new.B19DZ6Ud.css
cdn.onenews.com/public/_nuxt/ 0
32 KB 63ms
61ms Other
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/new.B19DZ6Ud.css
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:11 GMT
server: cloudflare
age: 1816
etag: W/"bcc780e6592f107dc5a97e4d0ea3d72e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f1e381f-FRA

GET
H2 200 CgZhCELY.js
cdn.onenews.com/public/_nuxt/ 0
2 KB 246ms
244ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:10 GMT
server: cloudflare
etag: W/"35fe1d25113706380c7d8dabe8d5087b"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e042c79-FRA

GET
H2 200 CN8p_4sa.js
cdn.onenews.com/public/_nuxt/ 0
2 KB 242ms
241ms Other
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/CN8p_4sa.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:21 GMT
server: cloudflare
etag: W/"10219fdfd8d9cb9af9839a08b1f97ae9"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e062c79-FRA

GET
H2 200 gInbs-QB.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
1 KB 402ms
401ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/gInbs-QB.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b675c6b528b15e7b9ebed431c762b9bdf413c45dbc8588ea8c99c517f41b21

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:22 GMT
server: cloudflare
etag: W/"2a8fbf906bde0d34ac311ceed35692d3"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bcbf962c79-FRA

GET
H2 200 DVcPsDoU.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
893 B 233ms
232ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DVcPsDoU.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae291ac432771c51b8c92d52200b5553212636c9e189e74bb079745e100f407

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:15 GMT
server: cloudflare
etag: W/"0a4d4906653acae4061b1ea24ec4950b"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bcbf972c79-FRA

GET
H2 200 0g-3dyGs.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
917 B 233ms
230ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/0g-3dyGs.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6db05cd1af6593429093d1daf29108c6883e0c13d33fe36b2d7c54c41e10d68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:01 GMT
server: cloudflare
etag: W/"ef5e5193f7784248401ee396ad4b074a"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bccf9c2c79-FRA

GET
H2 200 9bED2_uW.js Show response
cdn.onenews.com/public/_nuxt/ 78 B
205 B 241ms
238ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/9bED2_uW.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c7dbc8374c7cc139f63e3e357925c58eef11c79a46bc32c19bdec75a07ceac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 05 Jun 2024 23:21:19 GMT
server: cloudflare
etag: W/"af2777ce792d764fbca6da8a335b12eb"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bccf9d2c79-FRA

GET
H2 200 index.CV1zv516.css
cdn.onenews.com/public/_nuxt/ 44 B
163 B 48ms
45ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/index.CV1zv516.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2606c89e6ac48decbd9ac98e28a6a052340f7216c91ebe9c0e90ac0b5b1d513b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:26 GMT
server: cloudflare
age: 2844
etag: "9dbc3cdf115f94954f7ebcf7054729f1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 88fc51bcc83e381f-FRA
content-length: 44

GET
H3 200 favicon.ico
shiftntp.com/ 78 B
515 B 717ms
717ms Other
image/x-icon 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560a481d94b94be28e45a6ee498682f92b2eb99f8f6f5956c9aad969f61ee5e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 06 Jun 2024 20:38:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYBVq5DgYg4lF7r5DrSBRs9jDIx6pqhCG%2BC%2B0yVkogaSNwGgOOq25o4hWg%2FOhbLgLlKIGc0ypMSDXVucdpe05xGKywTuY2eCOmxjdDR9X%2BXd1ENCUJHLg2h%2FAyVuWKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 88fc51bd081f8fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 CN8p_4sa.js Show response
cdn.onenews.com/public/_nuxt/ 3 KB
0 0ms
0ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/CN8p_4sa.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a8d6da8d6c354dde0a825e73ee97e439e0ce9e655d4281c633df85e391e790

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:21 GMT
server: cloudflare
etag: W/"10219fdfd8d9cb9af9839a08b1f97ae9"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e062c79-FRA

GET
H2 200 34114ee5-188c-4d9b-ab9a-b58ee6118979.json Show response
cdn.onenews.com/public/_nuxt/builds/meta/ 139 B
264 B 263ms
263ms Fetch
application/json 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/builds/meta/34114ee5-188c-4d9b-ab9a-b58ee6118979.json
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b2e52cec115addb45dec7bfd0ef27e1a3b18b0ebff06fd9635fe809a75cac9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 27 May 2024 20:52:21 GMT
server: cloudflare
etag: W/"e5b04fe413f93c828e949bd37480e513"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://shiftntp.com
cf-ray: 88fc51bf491f2c79-FRA

GET
H2 200 new.B19DZ6Ud.css
cdn.onenews.com/public/_nuxt/ 235 KB
0 0ms
0ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/new.B19DZ6Ud.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2ac608040ea114b83b51ff2f04f13f899750aae4f7ac0b217d7105334f714f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:11 GMT
server: cloudflare
age: 1816
etag: W/"bcc780e6592f107dc5a97e4d0ea3d72e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f1e381f-FRA

GET
H2 200 CgZhCELY.js Show response
cdn.onenews.com/public/_nuxt/ 3 KB
0 0ms
0ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30e1ef0ee4c39b12660460cfaa7e3b0dcc1df8a34c5aca811c4fa3155c98137

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:10 GMT
server: cloudflare
etag: W/"35fe1d25113706380c7d8dabe8d5087b"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e042c79-FRA

GET
H2 200 Btc6o49h.js Show response
cdn.onenews.com/public/_nuxt/ 1 KB
0 0ms
0ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Btc6o49h.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d6e91f3e439b17cc0d234bb2d99acdf9a7f26470e4c4b7e7a72849da8bad9cb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:06 GMT
server: cloudflare
etag: W/"c470e492214ce5fb0f84f0d6872fd09b"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5deb2c79-FRA

GET
H2 200 Bz4MvDci.js Show response
cdn.onenews.com/public/_nuxt/ 294 B
0 2ms
2ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Bz4MvDci.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948200517a5dd85db3ae61e6340a0cdc19a9b915c096745d6c2d880a03d7286e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:07 GMT
server: cloudflare
etag: W/"d24e5dcaf03159cf890451f74a8ad034"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5de72c79-FRA

GET
H2 200 B9MrDChp.js Show response
cdn.onenews.com/public/_nuxt/ 216 B
0 2ms
2ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/B9MrDChp.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf50cdbbf49a3977ad7673036a52d08a800086d04953a22caa23cc90a04514e0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 May 2024 20:52:03 GMT
server: cloudflare
age: 4364
etag: W/"04a4772fc4bb441cefa3afcec5553e6d"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5dec2c79-FRA

GET
H2 200 DBMy5ybd.js Show response
cdn.onenews.com/public/_nuxt/ 298 B
0 2ms
2ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DBMy5ybd.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a263575bbe502e389b61fd1329b73cb64fefae9289f6bdf9967add390c1cba7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:12 GMT
server: cloudflare
etag: W/"c57aec2477e08555d1c24066c3d0bbb5"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5df12c79-FRA

GET
H2 200 DMCCv3L_.js Show response
cdn.onenews.com/public/_nuxt/ 589 B
0 3ms
3ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DMCCv3L_.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f4fc33951dbf0b343b609ea5d58eb41b3f8cf3bae4eb88587145bd3c66f9e7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:23 GMT
server: cloudflare
etag: W/"c4fbda7bd794d4aec890733a4d7270c2"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5df32c79-FRA

GET
H2 200 C_MtLdZO.js Show response
cdn.onenews.com/public/_nuxt/ 464 B
0 3ms
3ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/C_MtLdZO.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152fb6cb6b311991144a3bdfb284682eabb1e162ea4154c245d3d62825b8e022

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:09 GMT
server: cloudflare
etag: W/"b5dee43739312900fc491c167c3c0a0f"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e032c79-FRA

GET
H2 200 Da2SryCc.js Show response
cdn.onenews.com/public/_nuxt/ 86 KB
0 4ms
4ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Da2SryCc.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a49042b96363a292062a3351b5e602c36474a12bffc6cd1b10b48d7c14571bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/CgZhCELY.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Jun 2024 23:21:24 GMT
server: cloudflare
etag: W/"c2ad6446247bbad62d25af346da5feff"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb7e002c79-FRA

GET
H2 200 DxVdQ4g2.js Show response
cdn.onenews.com/public/_nuxt/ 12 KB
5 KB 232ms
229ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DxVdQ4g2.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b65b281549b4603a50f2d5162855b8570e6eb4df3a48a4526f0071a972bbc5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:17 GMT
server: cloudflare
etag: W/"14e234d70a2c5117e1cabdcf2c209500"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a882c79-FRA

GET
H2 200 Searchbox.D6oneoNL.css
cdn.onenews.com/public/_nuxt/ 238 KB
0 1ms
1ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Searchbox.D6oneoNL.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772ad15e6a9d9f21deb7f40f2625372ba1b298ada7e7996aceb4630e3796ac92

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:08 GMT
server: cloudflare
age: 1816
etag: W/"06e4841fc46ad80b2d9c9be372518e5b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51bb5f1d381f-FRA

GET
H2 200 C-G8wyBh.js Show response
cdn.onenews.com/public/_nuxt/ 6 KB
2 KB 235ms
234ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/C-G8wyBh.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de58972d0ac23c3cfddf0d44875a54f39e563a562a9caae1d79b6f51c9639384

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:07 GMT
server: cloudflare
etag: W/"5da0bdb2e07f820c4165445c80f185eb"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a8a2c79-FRA

GET
H2 200 HeaderWithLogo.CI-sImEO.css
cdn.onenews.com/public/_nuxt/ 5 KB
953 B 41ms
39ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/HeaderWithLogo.CI-sImEO.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7196cdc65e73dc5603ab909fa3308cf6b2cabf340ed44abed61fced707c4d96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:25 GMT
server: cloudflare
age: 2844
etag: W/"3a50e971ecf8f41e88efe6abf2fee54f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51c13b59381f-FRA

GET
H2 200 DUc9ZfcO.js Show response
cdn.onenews.com/public/_nuxt/ 900 B
638 B 582ms
580ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DUc9ZfcO.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b4d26ce56c317997b292cfcfb802b4f0addf5d461979b4e70343571be9ef15

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:15 GMT
server: cloudflare
etag: W/"cfce9c40238ce04fdf0dd0f20d37b602"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a8b2c79-FRA

GET
H2 200 Cc2F1aAD.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
1 KB 233ms
231ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Cc2F1aAD.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfbe53a85d76efee8125dae47c198d20928e520e55628514e6702508ceab3e4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:52:10 GMT
server: cloudflare
etag: W/"4561a6e01d8f8def490d5c00aa421241"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a8c2c79-FRA

GET
H2 200 MostVisitedTitles.yaagAhBA.css
cdn.onenews.com/public/_nuxt/ 1 KB
705 B 41ms
40ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/MostVisitedTitles.yaagAhBA.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81b2b14b850fe33ff9b83725b88a7b457c0ba9cbc6d64452d902b1da4c118bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:07 GMT
server: cloudflare
age: 1817
etag: W/"4f16665ec0ead33cf1f84997a1838827"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51c13b5a381f-FRA

GET
H2 200 BtORIe15.js Show response
cdn.onenews.com/public/_nuxt/ 15 KB
5 KB 854ms
852ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BtORIe15.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4563e4c20f14425297ad6a85d479d935af992bfeceb6fb8596f63cbce8fa7c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:06 GMT
server: cloudflare
etag: W/"7b9d564db1b2c90b753a4f6b01e97755"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a8d2c79-FRA

GET
H2 200 CdgP0p7z.js Show response
cdn.onenews.com/public/_nuxt/ 4 KB
2 KB 260ms
258ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/CdgP0p7z.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1919c29c01440f574e45eff6697cdb21c3ee86525aa995d0348e661a44b42a36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:10 GMT
server: cloudflare
etag: W/"b665b013a330df9f666e907d3f3621d8"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a8f2c79-FRA

GET
H2 200 4KI83FKX.js Show response
cdn.onenews.com/public/_nuxt/ 649 B
392 B 223ms
221ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/4KI83FKX.js
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d847feb76167f0620ec3e858a2aafa714593ca060144a619f70f7ee5108ce25

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:01 GMT
server: cloudflare
etag: W/"b4141cda16349e5e93dbea00a2c41782"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51c13a902c79-FRA

GET
H2 200 MsnNav.4eJY5s3D.css
cdn.onenews.com/public/_nuxt/ 4 KB
1 KB 43ms
41ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/MsnNav.4eJY5s3D.css
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7df3f74e5fa848175d01d8a32ded4e772951bb7b91f646fc2d6b408b50f1978

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 19:04:27 GMT
server: cloudflare
age: 2844
etag: W/"49d444cbbf4e3e2d5b3677038d406e50"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51c13b5b381f-FRA

GET
H2 200 uOXjusci.js Show response
cdn.onenews.com/public/_nuxt/ 8 KB
0 0ms
0ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/uOXjusci.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0ae4b8683fa4c5a09d360107b67e9ff6ec89a9657c57360da7d6bee797c417

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/DxVdQ4g2.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 May 2024 20:52:24 GMT
server: cloudflare
age: 4364
etag: W/"7bbacac38393455f145766cf22674d26"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5dee2c79-FRA

GET
H2 200 BvXFuFJw.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
0 2ms
2ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BvXFuFJw.js
Requested by: Host: shiftntp.com
URL: https://shiftntp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e490b9ef1eefebf453acff9bcf90845d010b2f1f5b0a48c16d8fc15d38a37df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.onenews.com/public/_nuxt/DxVdQ4g2.js
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:20 GMT
server: cloudflare
age: 4363
etag: W/"70dbbbbfed55e6bfc7874ca7d0059f34"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51bb5def2c79-FRA

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 635 KB
206 KB 850ms
849ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=News
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea45e12ed6c55f4e1024f505bd9030081710d7bb530fd7c2c1d25f2780925197

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"Qdg30rNi0H"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfLCnAF69UcCyoicon%2BsRjJ2RhQgiCqkDQiIKJHfd2iHAFKlG%2FbFoQAAcoXT7pUdoioeEn28c%2BOc1FEomBQfpil7lx%2F8Pql9BJWyzthWGV9Ued%2B8XiaiNuAFXJjB%2FoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad018fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 191 KB
63 KB 832ms
832ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Sports
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e30adfa7798571a3638d613663cab7a01a0ffb9b6a5b1ad480f1d206cb7d8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ny1ypjaRE0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60VigUhGxw0nlkuVJqg%2FpE4hmOZsPHce3rFk2ukd0JNh%2FuLt%2FgET5faoQk8isNScS%2FKyt6pgrdFYBzU%2BdGhC9doe%2FwhrtabzQoMp5v5owbJQCJrwnX1h%2FI5A%2BWS3EPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad048fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 191 KB
62 KB 1009ms
1009ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Politics
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519bc2ddf7a2c93dba1118701fbefcb8dc9bc0bfe1813389e97df0fe694ede20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:15:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"mZOog0uBGp"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tatqs9%2BukiTjq6LGhdVHH653TdDR4lXXcv1aCjwNbsza4AFeSmLMpkdL%2BynL%2BQygzUlWbISTjuiqJFyxx3rj5zioGIf8sCWCkjsKJ9cCx5yEYvEFE6DGnCLtLw%2BZR1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad058fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 192 KB
68 KB 850ms
849ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Entertainment
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e36da9a218df70c643ec1b97922c1bbb5236d57a27f64fa23dc134c625ce173

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 22:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"n8zo2vhQoO"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJ%2F%2FLK8QusOj1%2Fcc7Cg%2FrfLjToHrX2nY6t%2FFhvKLPePlzGbRqQHtGc8OtR6HgRCcboLgtOhjIvaSPfPkgIbONLmFlMJtWxhIGJi0Oe3LbrEwAkvnOCwab4vKM1wHtfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad068fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 192 KB
64 KB 194ms
193ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Money
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f3bd37bfefbbecde3f642768c7917f465679b6c1b2e2bf4a5c440c3e0a35ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:35:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"D6xtUbWOAw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wv8aQmRp7n0Gs2hWmviaFHyDVRUuVbp9m%2FhPzYUghjN8N9ih7%2F%2BqMmBJ1q9cV9PqNarr5DLpExKnyiJoA58IHfkblh7C%2FYz6pQeUfILpl00Pt%2BDz1sM2MU1%2FGs3Hg74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad078fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 193 KB
67 KB 673ms
672ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Lifestyle
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c5752406d3654c0a2b1ddda8d3f01d50da0ddff3159e6fb3ae727c76b2a1f1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:45:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a8gZZnLbn"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfTso8B2awjDpaRKppCnbT3T7lVRH5SIfXfRiPjBBjCppkl3r8TSy%2BnTkDIA2Rm40YE2TlbIB4xlb2Gj4pvTv06YzEzbNt2B4bQ1lmAV7v1LjZSe4Jn3Ys2FGqh%2FTMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad088fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 193 KB
65 KB 850ms
849ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Technology
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6b6f49f4e8c234cb7af13faa0a772f1f47ee1a28401f97ffeb4ee4721fc3ccd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 22:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"JJvQHUJXjf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oX86VB58vkCDlH7XnFnVWWCReSezwLzP6BLLFxOf31v6kAZs678yzBNm%2BtlKmnj%2BCnDW57vvuBuZ%2FRHPLmhMKi6Ih8giVjP7%2BhJrZ95MoyXg5wnVUa0YSrWKY2o8NmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad098fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 189 KB
65 KB 833ms
832ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Food
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d36345ef580d0478a47d4c984639613b4529c60bbe152137547ad6eee59a41a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:25:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"uvFtcXPczB"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATWWnBJhcB0RA2VAwE0S7MQ9cgUJ1BBxPMjIfjtGjWmbNAUT9mvG4r25XL5N0twfCpvM7y%2BeXZAwWWxoAZhpfG82VYwkhlQpSDEEzTSkZZjLUyEODSBHEJOXWkCp33A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad0b8fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 190 KB
63 KB 692ms
692ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Travel
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a69c33aace2bd37ac8f0f3d5482d50e19e5894580575e958a5d0b8cc61e9a28

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 22:55:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"EOsGoMob4u"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9W%2FokIxiTthxbqtUy9Cc5q6V1v%2F2k0dCrGwZ5wkTri%2FSfmmmRB5696fCHom0kpSnRJJ9ZJB45in6LUDFCEHlOYlV%2Fp132vGL31fqghZintz3%2FOLST95g5LTa%2FNJTflg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad0c8fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 193 KB
64 KB 693ms
693ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Health
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3da09f3186a507acda85c9fb5afc34a96eef635298edd7d9a048ca60916fd193

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 22:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ZURBosvOeS"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEyK6FMkwSM6w0Pmqhv7iSnY1W3C%2F2kqCh5lZL%2Fgemvzh9xbRN2%2BDANhsMB2rXlyRAAlUDNBUkA%2BhM5bblKZS5YKNLDt%2FssInk2Qwg204AnNyrXb6GyTHwp5Nh1y6vU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad0e8fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 190 KB
62 KB 832ms
831ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Automotive
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2002155430eed446db56bf9657a75dc01f4b44dcc697a4eb2ab68b37f7f33ae6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:15:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fshOxdqOZv"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdLYmKsiUfJEbYXbUOYusNUtmCB0rxO6t6NRAD89DZLqP90gs8TO9UQpsgTM%2F2NWcgwzPNlRAoYizS2yP9Ohxp1O4DvZbu9QT6XgMB3SA6WAl1iX7lVqzulkXwG8%2BpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad0f8fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 newscatcher Show response
shiftntp.com/api/ 187 KB
64 KB 850ms
850ms Fetch
application/json 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/newscatcher?category=Shopping
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da33dc2a1aeadd6afca5aa4d027399b918d05e07330e7e8e370d221797bb1a63

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 23:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6Z0bhQHlD2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rj7S5htTYcBDKzS9XmcU3s66guWX2bWiDTLruwsP2vSNLuRa3Sry8CWjusw0ufd4WVSIx6%2FnHwEGSdchmKdmDyOl%2Ffvapa%2FILWuc3V6qx1llk35bm8DdCIv%2FVsnYL%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 88fc51c6ad108fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 4F75 0
0 85ms
32ms Document
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WNFNMPW

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://shiftntp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 23:53:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 tiles Show response
olntptiles.tiles.ampfeed.com/ 2 B
206 B 108ms
24ms Fetch
application/json 104.70.85.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olntptiles.tiles.ampfeed.com/tiles?partner=olntptiles&sub1=10173&sub2=newtab&result=10&v=1.3
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.85.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
x-country-check: DE, DE
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ip-check: 94.114.247.79, 127.0.0.1, 139.28.177.133
content-length: 22
x-ident: p1ion

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 86ms
30ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc91695bf55eef13ef0fd2ce72228763ba6c29873a3d9d2d792c47a6452573e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 23:49:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 23:53:01 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 244 KB
89 KB 489ms
432ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-67.deploy.static.akamaitechnologies.com

Software

Resource Hash

f143d2a41d0be0e72fecc52e0ee5eeb6c0b16b646dcdd89160da75d6bbe975f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 06 Jun 2024 23:53:01 GMT
edge-cache-tag: widget-cheetah
x-traceid: 54fc69786b30df2996e964a1c14e3fc6
content-length: 90875
last-modified: Wed, 05 Jun 2024 12:18:10 GMT
etag: "17-VDsqCL6sSztAaE0JhxvTDUnXhew"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 sRm8pLMYisn9D7DyN Show response
srm8plmyisn9d7dyn.ay.delivery/manager/ 40 KB
12 KB 100ms
57ms Script
text/javascript 172.67.149.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srm8plmyisn9d7dyn.ay.delivery/manager/sRm8pLMYisn9D7DyN
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23315bcfc2c7b53860d84a3acf8e198d84e38c8953f2bc8bd3001bba932a704

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"cf918b1d601b731b2228a79a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNuhxicS97JNjX1im3BeBrMaYvqgqVogwVnuC3eceuCo0jWYdNwmOBU64zmlfBhaFii%2FbZbsgxVI%2FTdVoypChj8849LxFKvWotn%2Fv1BO%2FnWOnTX5iuOzhpkDVPomjK7FhLlmhHxAoO0rNtK4FWYsEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
cf-ray: 88fc51c70b782ba4-FRA
link: <https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/client-v2.js>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/manager-script/sRm8pLMYisn9D7DyN.splitTest.1?v=ZaZxGXSj99sYxvzKK>; rel=preload; as=script
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 88ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW

Requested by

Host: shiftntp.com
URL: https://shiftntp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0db485fb2e7241d4648c7530da8a1afb66574a488ba7db21d8f85539fd2a416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77818
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 22:35:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 23:53:01 GMT

GET
H3 200 favicon-32x32.png
shiftntp.com/ 608 B
1 KB 755ms
755ms Other
image/png 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cab29c16a77adf0b74bf42de737f3883c595c8ec3ea099ac1ac8d7339085311

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 20:51:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "260-cXryNc9PbZCSn3msgblvV/AKSaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVBS%2BUxFt5%2B7nR%2B8KI3Cxe3337%2BThmO0isxPz0Ir%2FYO0%2B207PoJSfwNKfxW4%2BoFNIuMhB9zOYOR%2FG6%2Ba3nz7Ptojlj8KZ%2BWS7nJP7iDw6BBe5WTt45oN3AoW80M4JsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88fc51c6cd1c8fd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 608

GET
H3 200 shift-icon-32.png
shiftntp.com/ 2 KB
2 KB 991ms
991ms Other
image/png 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/shift-icon-32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29aa58c0866292c45f953e49d5f3b88d7cfbc7560c3e82db22124780e5e23689

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:51:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7da-MaRjUmxzqtN9Ee3u03FboVHXtEM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJBMONM3CDHLE3o%2B2%2FEkidl77%2FCY%2FUQSS6A89FyBBaB1v7Zd7ng%2Fz29l4lpgiOg%2BaOsEaO5MlCpCKTmmHTpxbUwRDqVKoTEUL9%2BkLcUN2KW169tBPJn5k6JPc%2FUksjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88fc51c6cd1d8fd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2010

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 79ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:43 GMT
x-content-type-options: nosniff
age: 207738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:10:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 103ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:19:50 GMT
x-content-type-options: nosniff
age: 207191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:19:50 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
0 79ms
79ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:43 GMT
x-content-type-options: nosniff
age: 207738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:10:43 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 86ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

7d916cf34096b5120664554578b0f9d3ed32ba6a7cef6dfd88cbc89fe156e9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30743
x-xss-protection: 0
server: cafe
etag: 805 / 19880 / 31084373 / config-hash: 702129891729468476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jun 2024 23:53:01 GMT

GET
H3 200 yield-manager-script-v3.0.7-hotfix.1-prod Show response
srm8plmyisn9d7dyn.ay.delivery/manager-script/ 144 KB
39 KB 58ms
57ms Script
text/javascript 172.67.149.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e921277d9f4fcc33dde139e85a54f25aaa39226b5047f86fd4e32cd6b2df95dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sR6YWmJ01%2Fv5%2BTWwverWEDQP0rgagJErI5Nehp0fc6dK0v%2F2NQstWO%2Frnuxuxh5U%2FggsujHOuck6NPwKGgtyv4ofifbZoRM6jbro4a5b%2FeiPVem9DBupmBz8vf9dN5bsgRofPToaFk%2F1qEukkZWKcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 88fc51c76b9c2ba4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 client-v2.js Show response
srm8plmyisn9d7dyn.ay.delivery/ 98 KB
30 KB 37ms
36ms Script
application/javascript 172.67.149.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srm8plmyisn9d7dyn.ay.delivery/client-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f24f25a533baf9b72ef99c0b5f535e6b9d42edc146b5cac49dfac8081e5ba4c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 May 2024 12:23:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 554
etag: W/"664b40db-18748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnzYO3uHXrDpd3mr46F1lscylqxdWQtJNlpe76KsPO9Pb8w%2FbI%2FLP24fJGO5S7DxURMB1phq9cjN9nN3%2BnoCW1fMVx3li9FOEVNBDLW2eA9WJ3w7lPC5L6enBAiyeO8igXs347siITPr61dN30D4pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cf-ray: 88fc51c76b9d2ba4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sRm8pLMYisn9D7DyN.splitTest.1 Show response
srm8plmyisn9d7dyn.ay.delivery/manager-script/ 304 KB
93 KB 85ms
84ms Script
text/javascript 172.67.149.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/sRm8pLMYisn9D7DyN.splitTest.1?v=ZaZxGXSj99sYxvzKK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48e5bc97e369466fad4948d52d55280447ea9ec3e907ab1564014e341d25b0f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvWYVxsp%2Fjs%2BcZYRwHbFxohWPdD2%2BOGnupNxOT2KSty6L9JbvRoZmVOlYf2yqGTBMa0DhwMT8Ell7JPiUnt6tl0WXK5ByHxBgGRMSx6rAGpHmk5kT0zOHu%2FNplOtknrE5SjpqWs2r1ng5%2FG6nKKIAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88fc51c76b9e2ba4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9ec430b9aaed45b259c33f3b130291eccf9592dab12e9afde40f09781d62149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jun 2024 23:53:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 22:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 07 Jun 2024 00:29:08 GMT

GET
H2 200 hotjar-3623287.js Show response
static.hotjar.com/c/ 9 KB
4 KB 106ms
37ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3623287.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

e5ce250a37bd6ff824e0fa69d36573223785a52cdcbc8a51e2521a94071d3734

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 23:53:01 GMT
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 8
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/653858b67fc2f644bfb3c8dcf56fbffc
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: gS1hfvBq050Q0Dx0C6-mQ-h56FUUJFyTRDREBv9y_fFoylmKTVWFpA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62117061-22&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14c0199e6c7357b2b9095a80664310750efe255b34aca67d70ccc78bc17f52fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76058
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 22:35:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 23:53:01 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/ 459 KB
143 KB 21ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084373

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49929
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146466
x-xss-protection: 0
server: cafe
etag: 288610800658649615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Jun 2025 10:00:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 60 B
67 B 78ms
36ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shiftntp.com

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

168cc8f4213063cb2f39cd1ed0ba8e7e4c33ea6cce40218b5da8e337d1cd539b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 06 Jun 2024 23:53:01 GMT

POST
H2 200 pageview
api.assertcom.de/ 0
306 B 136ms
43ms Ping
text/plain 65.108.134.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.assertcom.de/pageview
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/client-v2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.134.108.65.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-store, no-cache, private, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Thu, 01 Jan 1980 00:00:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 42ms
41ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-01ZJWQVL2J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62117061-22&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e61bc0a2c4566f30b49132a661f79fda6a0508a20171662df2818194f68a241e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jun 2024 23:53:01 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 84ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C8QGCBZ3PC&gtm=45je4650v899813937z89101333035za200zb9101333035&_p=1717717981215&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1127563358.1717717981&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717717981&sct=1&seg=0&dl=https%3A%2F%2Fshiftntp.com%2F&dt=Shift%20News%20-%20The%20Latest%20News%20Sports%2C%20and%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 108ms
33ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C8QGCBZ3PC&cid=1127563358.1717717981&gtm=45je4650v899813937z89101333035za200zb9101333035&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
31ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C8QGCBZ3PC&cid=1127563358.1717717981&gtm=45je4650v899813937z89101333035za200zb9101333035&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2002206634

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 28ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=123377047&t=pageview&_s=1&dl=https%3A%2F%2Fshiftntp.com%2F&ul=de-de&de=UTF-8&dt=Shift%20News%20-%20The%20Latest%20News%20Sports%2C%20and%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=385723733&gjid=463432212&cid=1127563358.1717717981&tid=UA-62117061-23&_gid=933928113.1717717982&_r=1&_slc=1&gtm=45He4650n81WNFNMPWv9101333035za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1354868992

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 28ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=123377047&t=pageview&_s=1&dl=https%3A%2F%2Fshiftntp.com%2F&ul=de-de&de=UTF-8&dt=Shift%20News%20-%20The%20Latest%20News%20Sports%2C%20and%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=613844946&gjid=2030704847&cid=1127563358.1717717981&tid=UA-62117061-22&_gid=933928113.1717717982&_r=1&gtm=457e4650za200zb9101333035&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=255010265

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 103ms
31ms Script
application/javascript 54.230.228.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-76.muc50.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 130194
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5owIDibL4oN_fM7VSXMENuSfXJyU3fHPCJEJMAeBF_MA-9sGUjJjFQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 67ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62117061-23&cid=1127563358.1717717981&jid=385723733&gjid=463432212&_gid=933928113.1717717982&npa=1&_u=YADAAEAAAAAAACAAI~&z=2017591529

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 23:53:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 65ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62117061-22&cid=1127563358.1717717981&jid=613844946&gjid=2030704847&_gid=933928113.1717717982&npa=1&_u=YADAAUABAAAAACAAI~&z=1118179390

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 23:53:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 35ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-01ZJWQVL2J&gtm=45je4650v9122498964za200&_p=1717717981215&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1127563358.1717717981&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1717717981&sct=1&seg=0&dl=https%3A%2F%2Fshiftntp.com%2F&dt=Shift%20News%20-%20The%20Latest%20News%20Sports%2C%20and%20Weather&en=page_view&_fv=1&_ss=1&tfd=3008
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-01ZJWQVL2J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 23:53:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 3623287 Show response
vc.hotjar.io/sessions/ 0
233 B 129ms
57ms XHR
text/plain 18.66.192.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3623287?s=0.25&r=0.016477487049220363
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-49.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 06 Jun 2024 23:53:01 GMT
cache-control: no-store
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-amz-cf-id: bYsR39UIgjo3pXmxjZ_KwRSeo87IyiTZQXRuVWMm9FFlZCvvQz6pTg==
x-cache: Miss from cloudfront

GET
H2 200 topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame AA76 0
0 68ms
23ms Document
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fshiftntp.com
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://shiftntp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=14400
content-encoding: gzip
content-length: 364
content-type: text/html
date: Thu, 06 Jun 2024 23:53:02 GMT
etag: "a52151dbf5b2ca563e40ccca1ab8228c:1717595214.954123"
expires: Fri, 07 Jun 2024 03:53:02 GMT
last-modified: Wed, 05 Jun 2024 12:17:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 200
OK c2hpZnRudHAuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
537 B 526ms
453ms XHR
application/json 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/c2hpZnRudHAuY29t

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 06 Jun 2024 23:53:02 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43190
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 36cb946ac95ee46b0a82962c41547990
Content-Length: 16
Expires: Fri, 07 Jun 2024 11:52:52 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 22ms
21ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 06 Jul 2024 23:53:01 GMT
date: Thu, 06 Jun 2024 23:53:01 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
424 B 474ms
112ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1717717982503&sessionId=c73c8ffa-bfbf-8e7f-bdee-738e2f754cad&url=shiftntp.com&cheqSource=1&cheqEvent=3&responseTime=528

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 895b363ef79af750bace2f227edcb1b6
Content-Length: 8
Expires: 0

GET
H2 200 BN2q1gaG.js Show response
cdn.onenews.com/public/_nuxt/ 7 KB
2 KB 440ms
440ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BN2q1gaG.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c88bc5ffebbcb1e95bde724551e2e5e5a799668e2b4a1cd23e1067f7e1be15

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:04 GMT
server: cloudflare
etag: W/"4dac1c696ac50fca124cb6ee6fe74ce9"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51cf0f542c79-FRA

GET
H2 200 NewsLayout.RoHNRe1R.css
cdn.onenews.com/public/_nuxt/ 1 KB
521 B 39ms
39ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/NewsLayout.RoHNRe1R.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a844a55de3f6811d1f4e79f7c1207d8dade60171a73bc52326cae9884439f965

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:25 GMT
server: cloudflare
age: 2843
etag: W/"667a88e71eb1d8c3977dcc54387d0f0a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51cf0cdf381f-FRA

GET
H2 200 DaVu6Nr0.js Show response
cdn.onenews.com/public/_nuxt/ 6 KB
2 KB 226ms
226ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DaVu6Nr0.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be5560697663e982a9cfb0a5059ed8a6b2b557beb44c3733a4668d614259c8ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:15 GMT
server: cloudflare
etag: W/"e1fa58b69164ba4832e0fbfc59ac9f99"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c94e2c79-FRA

GET
H2 200 DqJtS_wN.js Show response
cdn.onenews.com/public/_nuxt/ 219 B
290 B 253ms
252ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DqJtS_wN.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b97c50b3b37b77a82cc9da95adac3abfaa90ba7866af7c6431c04d7db2225729

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:17 GMT
server: cloudflare
etag: W/"bca8921634a2770133b9a22619efc908"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c9502c79-FRA

GET
H2 200 SlideShow.CDYdiQoR.css
cdn.onenews.com/public/_nuxt/ 3 KB
1 KB 38ms
38ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/SlideShow.CDYdiQoR.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7fcd9dc2e72ba53e9655e39f59e69e549a2085b6874b82ab82d9128e0435209

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:25 GMT
server: cloudflare
age: 2844
etag: W/"6c598e176ca7b6f93eac29c1a895518c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51d1cee8381f-FRA

GET
H2 200 DJ5h1DGC.js Show response
cdn.onenews.com/public/_nuxt/ 3 KB
1 KB 236ms
236ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/DJ5h1DGC.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af22a873a5aee1a1ad16f013b0a245be9b97b312f595a5ae922c1aaa5f7f0009

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:13 GMT
server: cloudflare
etag: W/"8f6e930a3fb9847c21436d2190f5d05a"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c9522c79-FRA

GET
H2 200 AdTile.C6M-r3vW.css
cdn.onenews.com/public/_nuxt/ 2 KB
832 B 40ms
40ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/AdTile.C6M-r3vW.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947ced5bd2a196821cb0d6ecabfefd00729c3a2605fbb1b2b6fffa349bd80ebe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:19 GMT
server: cloudflare
age: 2844
etag: W/"b72c452b72d4eb57fd10b7b37639719e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51d1ceea381f-FRA

GET
H2 200 BR6M_11D.js Show response
cdn.onenews.com/public/_nuxt/ 3 KB
1 KB 243ms
243ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BR6M_11D.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4872ec766e5bb2f93bb9e9d1f45417f324fa506163a246ec5dac6a24ce8c3e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:04 GMT
server: cloudflare
etag: W/"1e6e8f7df74113ecc9ec87f6afea7f25"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c9542c79-FRA

GET
H2 200 AdTileSmall.U3rbdVu4.css
cdn.onenews.com/public/_nuxt/ 3 KB
1 KB 40ms
40ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/AdTileSmall.U3rbdVu4.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50406ace6a4e145151ea655302b8fb8e1e6b091304764fa8fb46a70daeb3995

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:19 GMT
server: cloudflare
age: 5023
etag: W/"05be8c81a2b9d8417d43651329770fd7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51d1ceec381f-FRA

GET
H2 200 E9QcOojB.js Show response
cdn.onenews.com/public/_nuxt/ 1 KB
767 B 233ms
232ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/E9QcOojB.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69fdd0034615e0e1cdb9a674192ee7383d9227d96f0dac7ffb1bd62e1c491cc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:18 GMT
server: cloudflare
etag: W/"790990130ada7d51353e25229f93eb62"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c9552c79-FRA

GET
H2 200 OutbrainAdTile.kILmGKu6.css
cdn.onenews.com/public/_nuxt/ 72 B
171 B 43ms
43ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/OutbrainAdTile.kILmGKu6.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d65cfd9f1c4d536c4f51ce393f5a328bba7528dc4ee1e38b671b68f65f7d92

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 23:21:25 GMT
server: cloudflare
age: 2844
etag: W/"025f2c8fef5047e9a40c0a61ab7f856a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51d1ceed381f-FRA

GET
H2 200 BYRiIJUI.js Show response
cdn.onenews.com/public/_nuxt/ 5 KB
2 KB 236ms
236ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/BYRiIJUI.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 261d3217775f480d115f1c824ea4d2927c678ee6370072b0c743584bcaf460a1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:04 GMT
server: cloudflare
etag: W/"e51cc70b60f3450b8718d3245b895b0f"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d1c9562c79-FRA

GET
H2 200 MsnWeather.D72bPcW8.css
cdn.onenews.com/public/_nuxt/ 2 KB
792 B 45ms
45ms Stylesheet
text/css 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/MsnWeather.D72bPcW8.css
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372f82ee255981558e139402b4b068ccc0a4ce4e12e30363f5bd260bc0f09c29

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 22:51:07 GMT
server: cloudflare
age: 1820
etag: W/"b8f90ee7e621c42615d84c0ae9a3ad36"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 88fc51d1ceef381f-FRA

GET
H2 200 Jzt4H2sM.js Show response
cdn.onenews.com/public/_nuxt/ 2 KB
1 KB 228ms
228ms Script
text/javascript 2606:4700:10::6816:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onenews.com/public/_nuxt/Jzt4H2sM.js
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62ceff877d52623bf38524e4406dac59d21cad9f8330240af20c3755b836e78

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 20:52:18 GMT
server: cloudflare
etag: W/"34b01ece259c372ed20ccb493baafe5f"
vary: Origin, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://shiftntp.com
cache-control: max-age=1800
cf-ray: 88fc51d33a842c79-FRA

GET
H3 204 geoSearch
shiftntp.com/api/weather/ 0
0 210ms
210ms Fetch 172.67.214.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shiftntp.com/api/weather/geoSearch
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwvZlg6QHoI2YmPK%2FPfpioSX8qbhDzSIJt%2FzPIhYliDxt5Am%2F18u4ff5NxjOBfh6saRxfSzQjYYGgQoILpICaMhRP4RZlD8GktebZJFA3dxESbzeLpDHb2HhHqiiIQM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 88fc51d34de08fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 imago418356057-1200x628.jpg
www.karlsruhe-insider.de/wp-content/uploads/2024/06/ 156 KB
157 KB 88ms
31ms Image
image/jpeg 2606:4700:20::681a:e94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karlsruhe-insider.de/wp-content/uploads/2024/06/imago418356057-1200x628.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca6d4a9d1c822c8a6f3a99d140bc0599cbce9a25737848943309681e14ec826

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305094
cf-polished: origSize=160187
content-length: 160008
cf-bgj: imgq:100,h2pri
last-modified: Sun, 02 Jun 2024 17:25:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Qi6%2BUKqYmfa5QPw2u%2B%2FiwjWWpq3Xsndq%2B6yhIKteDd3JmfVllKCYrsngSKCkmtYBcH%2BdzUw54%2FdP%2F9SnOlQl%2FYulnoNv2H4xL1sUnN4O%2BKwPfxRraTtO%2FGtZU%2B9%2FCV3sI4iCXHbXWuZ7UvmPYaIPZvNxW%2BD0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88fc51d3bfe44d5c-FRA
expires: Tue, 01 Oct 2024 11:08:09 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 8 KB
9 KB 85ms
23ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://karlsruhe-insider.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4adce7bc3b8da4dc66a4b0b44d638449cd854163468787a57860742f18cddc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:35:39 GMT
x-content-type-options: nosniff
age: 199044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8348
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 08:22:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.karlsruhe-insider.de/wp-content/uploads/2024/04/logo_retina-96x96-1.png
expires: Tue, 11 Jun 2024 16:35:39 GMT

GET
H2 200 faz-share-logo.jpg
www.faz.net/ 46 KB
46 KB 127ms
31ms Image
image/jpeg 95.101.149.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.faz.net/faz-share-logo.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.149.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-149-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

3536e242732fd104ae5d9c56dd52d387c26daac8ee089ad758bca73daf3c55e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age:60
date: Thu, 06 Jun 2024 23:53:03 GMT
last-modified: Mon, 03 Jun 2024 08:47:57 GMT
etag: "b6eb-koZThL2y3/3K/ipC4DQW6tzGUfw"
content-length: 46827
content-type: image/jpeg

GET
H2 200 faviconV2
t0.gstatic.com/ 3 KB
3 KB 119ms
57ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://faz.net&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9500335f0bc9980c3afb557004e2c5177febce54359e7011a101472b01d02e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:31:37 GMT
x-content-type-options: nosniff
age: 206486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3050
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 10:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.faz.net/favicon.png
expires: Tue, 11 Jun 2024 14:31:37 GMT

GET
H2 200 774fce8f-7c7e-4995-b29f-e3b8c5644311.jpeg
www.sueddeutsche.de/2024/06/03/ 269 KB
270 KB 101ms
30ms Image
image/webp 2600:9000:225b:8000:1e:b6b1:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sueddeutsche.de/2024/06/03/774fce8f-7c7e-4995-b29f-e3b8c5644311.jpeg?q=60&fm=webp&width=1200&rect=0%2C53%2C2048%2C1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:8000:1e:b6b1:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

3c489c1f9402a3335fad9f3e4871b6f83e5544dc451300d8886d5cdc5f3ff778

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 10:51:04 GMT
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
age: 306355
x-cache: Hit from cloudfront
x-imgix-id: ac0e972b8390e12263e58cc4db0528e5b42e8431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 275468
x-served-by: cache-sjc10057-SJC, cache-ams12739-AMS, cache-fra-etou8220142-FRA
last-modified: Mon, 03 Jun 2024 10:47:09 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: W4b0TgDOZJ5circiPO0YKKwQbzprMil8coRlCplcflWMG1Jix8aDnQ==

GET
H2 200 faviconV2
t0.gstatic.com/ 3 KB
4 KB 115ms
53ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://sueddeutsche.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

763bd03b90a7c62dcdb96e919c9f31d18333c6540bcef7dff26eded8922b48d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:27:08 GMT
x-content-type-options: nosniff
age: 206755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3540
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:41:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.sueddeutsche.de/szde-assets/img/ligatur.svg
expires: Tue, 11 Jun 2024 14:27:08 GMT

GET
H/1.1 200
OK mabuse.jpg
p6.focus.de/img/kultur/stars/id_260010525/ 74 KB
74 KB 381ms
244ms Image
image/webp 2a02:26f0:3100::210:6e1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.focus.de/img/kultur/stars/id_260010525/mabuse.jpg?im=Crop%3D%280%2C290%2C3461%2C1730%29%3BResize%3D%281200%2C627%29&impolicy=perceptual&quality=mediumHigh&hash=042aa5402d1cd87eb863073577345ed91f347932670161dd11586ddb9dc9f466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::210:6e1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e4d91849249c2b25d56f87ed0100848161f5305da933601022e263bddc2bab78

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 23:53:03 GMT
Last-Modified: Thu, 06 Jun 2024 07:27:48 GMT
Server: Akamai Image Manager
ETag: "396479c51d549a271416e6520281c28c:1717657764.562212"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform, max-age=2592000
Connection: keep-alive
Content-Length: 75390
Expires: Sat, 06 Jul 2024 23:53:03 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 4 KB
4 KB 115ms
54ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://focus.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08186ec1cb321f50708b91ca92237f7b18f16c5ef172f5c472823596096b0ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:23:47 GMT
x-content-type-options: nosniff
age: 206956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3800
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 10:36:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://m.focus.de/apple-touch-icon.png
expires: Tue, 11 Jun 2024 14:23:47 GMT

GET
H2 200 166305c5-363a-47fa-8279-09f116607689_w1200_r1.778_fpx32.66_fpy44.99.jpg
cdn.prod.www.spiegel.de/images/ 136 KB
136 KB 236ms
109ms Image
image/jpeg 2a02:26f0:3500:11::215:14d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.www.spiegel.de/images/166305c5-363a-47fa-8279-09f116607689_w1200_r1.778_fpx32.66_fpy44.99.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b40bd4129e2d39618d4049fcf34f8323eb0734233d80c79d7d6f50af7399b0db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
akamai-cache-status: Miss from child, Hit from parent
last-modified: Mon, 03 Jun 2024 11:42:39 GMT
x-ttl: 900.000
x-cache-grace: 300.000
etag: "9f42bb22d4f160e221f75d4f86f1c174"
content-type: image/jpeg
cache-control: public, s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 138970
expires: Mon, 03 Jun 2024 12:43:01 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 3 KB
3 KB 117ms
56ms Image
image/jpeg 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://spiegel.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127386631354278cdcd11834148983a671a6a7daf4d199d23a1469a0f9c76889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:26:50 GMT
x-content-type-options: nosniff
age: 206773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2932
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 16:59:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cdn.prod.www.spiegel.de/public/spon/images/icons/touch-icon180.png
expires: Tue, 11 Jun 2024 14:26:50 GMT

GET
H2 200 79eac7c7-8ac6-4a20-87c9-01e3a89d9a28_w1200_r1.778_fpx38_fpy51.jpg
cdn.prod.www.spiegel.de/images/ 204 KB
204 KB 213ms
109ms Image
image/jpeg 2a02:26f0:3500:11::215:14d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.www.spiegel.de/images/79eac7c7-8ac6-4a20-87c9-01e3a89d9a28_w1200_r1.778_fpx38_fpy51.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e74b3a23edd2afadde7b1d5ca2e3fd913f665750f4fc17c3989c9d7252bd37be

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
akamai-cache-status: Miss from child, Hit from parent
last-modified: Mon, 03 Jun 2024 09:20:03 GMT
x-ttl: 900.000
x-cache-grace: 300.000
etag: "d321eb1b7c156681106b1336d5d95d43"
content-type: image/jpeg
cache-control: public, s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 208607
expires: Mon, 03 Jun 2024 10:35:20 GMT

GET
H2 200 junge-royals-estelle-sandalen.jpg
image.brigitte.de/13823822/t/I6/v4/w1440/r1.7778/-/ 145 KB
145 KB 123ms
35ms Image
image/jpeg 23.213.161.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.brigitte.de/13823822/t/I6/v4/w1440/r1.7778/-/junge-royals-estelle-sandalen.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-205.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ff08a4fe04ddd895c73e21560be716ca5402e4c21013f082ffcd34df2fd9a981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-origin-object-info: varnish6-1-cmsites-prod-2.coremedia.guj.digital HIT ttl=15551787.903 grace=86400.000 age=212.097
strict-transport-security: max-age=31536000 ; includeSubDomains
date: Thu, 06 Jun 2024 23:53:03 GMT
x-content-type-options: nosniff
x-origin: coremedia-prod
x-frontend-cache: max-age=15551787
vha6-origin: varnish6-2-cmsites-prod-2.coremedia.guj.digital
x-cache-origin-request-date: Fri, 31 May 2024 12:10:21 GMT
content-length: 148092
x-xss-protection: 1; mode=block
server: Apache
x-frame-options: DENY
x-remaining-max-age: 15551787
content-type: image/jpeg;charset=UTF-8
x-varnish: 536242369 547013129
x-cache-origin-request-trace: xid=536242369, restarts=0
x-edge-cache-tag: bpc13823822
x-cache-hit: HIT
cache-control: public, max-age=14991094
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 faviconV2
t0.gstatic.com/ 2 KB
2 KB 31ms
29ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://brigitte.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

469a40d0fdbd3e1a958ad70b0bbe8cfc37010e791269a0ad0b2db97463b467a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:35:37 GMT
x-content-type-options: nosniff
age: 206246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1917
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 13:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.brigitte.de/__assets/icon-192.bri.png
expires: Tue, 11 Jun 2024 14:35:37 GMT

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28be9a6633497e42851758e4e65310f53218e58cb239cd7abc2a1bc1c57c291f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f21674d6562c61338d156ac056e218d06f8c0b9e6d814f0d1ad4822b490f74f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 leo-ist-nach-seiner-rettung-nochmal-aufgeblueht.jpg
images.t-online.de/2024/06/OUFinkDPu632/0x94:489x275/fit-in/1800x0/ 102 KB
103 KB 102ms
31ms Image
image/webp 2600:9000:26db:4000:1c:5a8a:b300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.t-online.de/2024/06/OUFinkDPu632/0x94:489x275/fit-in/1800x0/leo-ist-nach-seiner-rettung-nochmal-aufgeblueht.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:4000:1c:5a8a:b300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65f3fb31bcb256fcc90e6d8c40ee54a595e48544a275dbd89e00892442f08c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 06:59:11 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
age: 147232
x-amzn-requestid: 3f436a08-174f-4581-a15f-444db8b9e11e
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 104462
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 05:37:35 GMT
etag: "b72c5ebad28e165d9f0741885f5ad5df"
x-amzn-trace-id: root=1-66600cbe-59a6faa90fbaeb6f17379dd0;parent=0d9cae0bcae0df07;sampled=0;lineage=5c2d494c:0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: KHbO8hGir_dANLkBccFcJ6nNkW7e7Sc1QSy5IOXAUhAQ-4XJKOkcEA==

GET
H2 200 faviconV2
t0.gstatic.com/ 771 B
928 B 91ms
52ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://t-online.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd4e4166b4759dd7b61e540a2d7db9b97df7a497b654d2c0fd11086cfaf48709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:45 GMT
x-content-type-options: nosniff
age: 207738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Sat, 18 May 2024 10:49:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.t-online.de/apple-touch-icon-precomposed.png
expires: Tue, 11 Jun 2024 14:10:45 GMT

GET
H2 200 284c647b-9195-47fc-ad0a-51720f62c48c.jpeg
www.sueddeutsche.de/2024/05/22/ 75 KB
76 KB 158ms
110ms Image
image/webp 2600:9000:225b:8000:1e:b6b1:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sueddeutsche.de/2024/05/22/284c647b-9195-47fc-ad0a-51720f62c48c.jpeg?q=60&fm=webp&width=1200&rect=undefined%2Cundefined%2Cundefined%2Cundefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:8000:1e:b6b1:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

69f12469670e8bf3320cb226b378d4e07d30fd1dac42f5f37e2e91e26b8b048d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 13:36:57 GMT
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
age: 37027
x-cache: Hit from cloudfront
x-imgix-id: 3cc775e11603a56436765d43eddeee3a8794ff1e
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77074
x-served-by: cache-sjc1000087-SJC, cache-ams21049-AMS, cache-fra-etou8220132-FRA
last-modified: Thu, 06 Jun 2024 13:35:56 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UKwrHVHazwzvrTLDLD1q2DMuquHHl41W0CSF56zaOk_SrTAY8ZsHUg==

GET
H2 200 e6zppv60urfa4mix9yw5vbr5ootvp45c.jpg
media.tag24.de/1200x800/e/6/ 110 KB
110 KB 94ms
37ms Image
image/webp 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.tag24.de/1200x800/e/6/e6zppv60urfa4mix9yw5vbr5ootvp45c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1107f4a2c73e2818b9c5d77ce91f4d68fb36954800019928a634b3c7474f83b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 144820
cf-polished: qual=85, origFmt=jpeg, origSize=285311
content-disposition: inline; filename="e6zppv60urfa4mix9yw5vbr5ootvp45c.webp"
content-length: 112338
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 May 2024 06:02:58 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88fc51d3dd219bbc-FRA
expires: Thu, 05 Jun 2025 07:39:23 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 5 KB
5 KB 89ms
50ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://tag24.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d817e765c33464aa6fb3fa27db8e394866149455072c3d9aec0dcd365cbcf153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 15:05:37 GMT
x-content-type-options: nosniff
age: 204446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4797
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 06:56:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.tag24.de/img/favicons/apple-touch-icon.png
expires: Tue, 11 Jun 2024 15:05:37 GMT

GET
H/1.1 200
OK das-thema-greenwashing.jpg
media0.faz.net/ppmedia/aktuell/finanzen/1914951572/1.9766130/facebook_teaser/ 354 KB
354 KB 143ms
59ms Image
image/jpeg 2a02:26f0:1700:186::31ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media0.faz.net/ppmedia/aktuell/finanzen/1914951572/1.9766130/facebook_teaser/das-thema-greenwashing.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:186::31ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9a08a71a70e6fe63a8cb994279c0f72b7a4cd844b350c1f7152a93b07cc7f6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=15638400
x-debug-laa
Date: Thu, 06 Jun 2024 23:53:03 GMT
Last-Modified: Wed, 05 Jun 2024 07:50:05 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIi PSAi PSDi OUR STP UNI COM NAV INT STA PRE"
Content-Type: image/jpeg
Cache-Control: public, max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 362043
X-Request-ID: cbed6698e7a8a0b75a047206c381ef62

GET
H2 200 90d408e9d955b0abab02c872fabf6bd3,15ebb253
images.bild.de/665efcf30120a81760a4e1ed/ 72 KB
72 KB 223ms
102ms Image
image/webp 23.48.23.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.bild.de/665efcf30120a81760a4e1ed/90d408e9d955b0abab02c872fabf6bd3,15ebb253?w=1280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-11.deploy.static.akamaitechnologies.com
Software: Skipper /
Resource Hash: e44b6ec67db0a02e20ff40d4dfa10303df3461dbf466a98e2aeb230f85da0105

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fetcher-etag: "8be8a732e9f2a6d5f29aef21a044124c"
x-fetcher-last-modified: Tue, 04 Jun 2024 12:16:27 GMT
date: Thu, 06 Jun 2024 23:53:03 GMT
server: Skipper
etag: "2131431883"
content-type: image/webp
cache-control: must-revalidate, public
content-length: 73298
expires: Wed, 04 Jun 2025 12:13:10 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 749 B
916 B 65ms
26ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bild.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f9c1ce0ccf96ea2c4270817dd39fa66b8c5dea82757e3e2cdd27c2cfba70aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:30:43 GMT
x-content-type-options: nosniff
age: 282140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 749
x-xss-protection: 0
last-modified: Tue, 26 May 2020 04:26:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://a.bildstatic.de/assets/static/android-chrome-192x192.c96373b9.png
expires: Mon, 10 Jun 2024 17:30:43 GMT

GET
H2 200 Buerostuhl_GettyImages-Westend61-0d91f9b646389177.jpg
www.chip.de/ii/1/2/6/8/7/1/7/7/9/ 2 MB
2 MB 239ms
113ms Image
image/jpeg 2a02:26f0:3100::1735:2b11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chip.de/ii/1/2/6/8/7/1/7/7/9/Buerostuhl_GettyImages-Westend61-0d91f9b646389177.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a350ddb6e1066af1713bf3aed1b8efe680ca6af7a38f5fa4b08f7a0b1e37c041

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BMoA5c2mw.F7mUTd3ChEsYaOQdc2r3R.
date: Thu, 06 Jun 2024 23:53:03 GMT
x-amz-meta-user-agent-id: interred-production@s-75004e4f68644612b
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
content-length: 1747848
last-modified: Tue, 23 Jan 2024 15:46:54 GMT
server: AmazonS3
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
etag: "0d91f9b646389177b714791f1819eabf"
x-amz-meta-user-agent: AWSTransfer
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ranges: bytes
x-amz-cf-id: I3Zo3uxxOUV2_bM6eeZXD_idun3GVYqRoeXJ6K639AK9iyvY8h895w==

GET
H2 200 faviconV2
t0.gstatic.com/ 956 B
1 KB 68ms
28ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chip.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191af99f458a5244677a2a39d9c80b192f627ffee8268a786ee1922d8600cd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 15:05:37 GMT
x-content-type-options: nosniff
age: 204446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 956
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 22:44:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.chip.de/fec/assets/favicon/apple-touch-icon.png?v=02
expires: Tue, 11 Jun 2024 15:05:37 GMT

GET
H2 200 wide__1300x731
img.zeit.de/news/2024-06/04/jasna-fritzi-bauer-stellt-partnerin-und-tochter-vor-image-group/ 48 KB
49 KB 347ms
292ms Image
image/webp 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.zeit.de/news/2024-06/04/jasna-fritzi-bauer-stellt-partnerin-und-tochter-vor-image-group/wide__1300x731

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0fceba4174f2d6bfaff88ffaa7bc0db9dd284b0bd904dddbf2623d13a17ca3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 23:53:03 GMT
age: 0
content-type: image/webp
cache-control: max-age=7776000
content-disposition: inline; filename="jasna-fritzi-bauer-stellt-partnerin-und-tochter-vor-image-group.webp"
accept-ranges: bytes
content-length: 49560
expires: Wed, 04 Sep 2024 23:53:03 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 3 KB
3 KB 66ms
27ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://zeit.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4301f4fab33a82d2cf0d0d6f3ea978d1743a538ac4206fd73b7215e0105173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:22:23 GMT
x-content-type-options: nosniff
age: 207040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3008
x-xss-protection: 0
last-modified: Sat, 15 May 2021 02:34:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static.zeit.de/p/zeit.web/icons/favicon.svg
expires: Tue, 11 Jun 2024 14:22:23 GMT

GET
H2 200 1654606108977%2Cidyllen-und-katastrophen-swr2-essay-2022-02-27-102~_v-16x9@2dL_-6c42aff4e68b43c7868c3240d3ebfa29867457da.gif
www.swr.de/swrkultur/doku-und-feature/ 285 KB
286 KB 119ms
31ms Image
image/avif 104.102.44.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swr.de/swrkultur/doku-und-feature/1654606108977%2Cidyllen-und-katastrophen-swr2-essay-2022-02-27-102~_v-16x9@2dL_-6c42aff4e68b43c7868c3240d3ebfa29867457da.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.44.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-44-114.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0544be3d50b723d2270a1b6335e4b4ba8d2e102bc9a58d1d20ac6a252c29fc9a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
last-modified: Tue, 23 Apr 2024 04:23:45 GMT
server: Akamai Image Manager
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 292158
expires: Fri, 07 Jun 2024 11:53:03 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 3 KB
3 KB 31ms
30ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://swr.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4bb0c6fab6a73f3ac7209f7bebbc1918ad5d64dea4f5e16e4128aa826f52c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 21:25:39 GMT
x-content-type-options: nosniff
age: 181644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2620
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 19:10:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.swr.de/assets/swr/icon.svg
expires: Tue, 11 Jun 2024 21:25:39 GMT

GET
H2 200 734427b3-8801-4c3a-99a8-0fa1a268fcb6_w1200_r1.778_fpx45_fpy61.jpg
cdn.prod.www.spiegel.de/images/ 58 KB
59 KB 223ms
118ms Image
image/jpeg 2a02:26f0:3500:11::215:14d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.www.spiegel.de/images/734427b3-8801-4c3a-99a8-0fa1a268fcb6_w1200_r1.778_fpx45_fpy61.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dc70bceac4e7bcc771be5eeba3b19e21c2efe27b23f63699e778208b291f3cb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
akamai-cache-status: Miss from child, Hit from parent
last-modified: Wed, 05 Jun 2024 04:45:34 GMT
x-ttl: 900.000
x-cache-grace: 300.000
etag: "844e4f394e53888895b3fc109997a8e1"
content-type: image/jpeg
cache-control: public, s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 59633
expires: Wed, 05 Jun 2024 06:10:48 GMT

GET
H2 200 schulanfang-geschenke,id=a1e0f271,b=wunderweib,w=1600,rm=sk.jpeg
images.wunderweib.de/ 196 KB
196 KB 130ms
55ms Image
image/jpeg 2600:9000:237d:c000:10:f12b:3700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wunderweib.de/schulanfang-geschenke,id=a1e0f271,b=wunderweib,w=1600,rm=sk.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:10:f12b:3700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: def2bdbc4871cfbd3d18760f73ac050d0bc13ca4c918bc685bce7c74edb22b22

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 07:51:12 GMT
x-amz-version-id: ganaEvSq76NS03.c8frf9HkZeHR2dfGj
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-request-id: 37WQ12725DC31NMX
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 144112
x-cache: Hit from cloudfront
content-length: 200253
x-amz-id-2: yIP1t9lGkFnSzUH/vr8Gi42Y3W0HutM8knuckL8EUt8xz0TwTUrQ1JR+W64B4DWnmRZpKvts42YftfacdRz0Ww==
last-modified: Wed, 05 Jun 2024 07:42:42 GMT
server: AmazonS3
etag: "e8cb0f07e644e1357aa2952816cd5dab"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IWLjEAXiNC7NuyTa3FVYAaj4c5DnZteyHGVOs1t0pIAJU5SY5y_P0g==

GET
H2 200 faviconV2
t0.gstatic.com/ 32 KB
32 KB 68ms
29ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://wunderweib.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22308922ae307be692cbf871b9dbef0255b7283ab1cf138bed50d11d2b02eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:35:41 GMT
x-content-type-options: nosniff
age: 278242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32476
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 23:16:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.wunderweib.de/images/wunderweib/icons/favicon-196x196.png
expires: Mon, 10 Jun 2024 18:35:41 GMT

GET
H2 200 MediaMarkt-Saturn-PlayStation-5-Slim-EA-Sports-FC-24-1fdea2fa75fc77ec.jpg
i.computer-bild.de/imgs/1/5/3/1/6/0/2/3/ 306 KB
276 KB 381ms
118ms Image
image/jpeg 23.53.42.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.computer-bild.de/imgs/1/5/3/1/6/0/2/3/MediaMarkt-Saturn-PlayStation-5-Slim-EA-Sports-FC-24-1fdea2fa75fc77ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-153.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ffdebca5dacdca748f05ae0cb3581e4df4145f41cebd33bf0cda790a2dfc709

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 12:33:53 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: www.computerbild.de
cache-control: public, max-age=391509
accept-ranges: bytes
content-length: 282076

GET
H/1.1 200
OK some-default.jpg
www.presseportal.de/ 137 KB
138 KB 124ms
31ms Image
image/jpeg 193.201.168.19
DPA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.presseportal.de/some-default.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.201.168.19 , Germany, ASN21192 (DPA-AS, DE),
Reverse DNS: polizeipresse.de
Software: Apache /
Resource Hash: fd204ba05bf5cc268f5864503fcce1e0938d5e9490bfc7cd9ed6f1c86b8a4e9c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 23:53:03 GMT
Last-Modified: Mon, 22 Apr 2024 08:13:10 GMT
Server: Apache
ETag: "2255e-616ab02196f3b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 140638

GET
H2 200 faviconV2
t0.gstatic.com/ 2 KB
2 KB 32ms
32ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://presseportal.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98374ddf951a5e6ad21f36fbdfb516e801a214dc362c92b3b56f6c23d2622dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1537
x-xss-protection: 0
last-modified: Fri, 18 Jan 2019 13:02:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.presseportal.de/assets/img/favicons/de.png?4
expires: Thu, 13 Jun 2024 23:53:03 GMT

GET
H2 200 wide__1300x731
img.zeit.de/news/2024-06/03/fachtag-zu-kulturarbeit-auf-dem-land-in-eisleben-image-group/ 57 KB
57 KB 292ms
238ms Image
image/webp 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.zeit.de/news/2024-06/03/fachtag-zu-kulturarbeit-auf-dem-land-in-eisleben-image-group/wide__1300x731

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d6b6cdf8b40ef38f374cd40384f3e39df52af609c44a2190f9eb449621d674b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 23:53:03 GMT
age: 0
content-type: image/webp
cache-control: max-age=7776000
content-disposition: inline; filename="fachtag-zu-kulturarbeit-auf-dem-land-in-eisleben-image-group.webp"
accept-ranges: bytes
content-length: 57976
expires: Wed, 04 Sep 2024 23:53:03 GMT

GET
H2 200 bank318_v-contentxl.png
www.ndr.de/nachrichten/niedersachsen/braunschweig_harz_goettingen/ 37 KB
37 KB 117ms
32ms Image
image/avif 2a02:26f0:480:99a::231f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ndr.de/nachrichten/niedersachsen/braunschweig_harz_goettingen/bank318_v-contentxl.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:99a::231f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a13429d657f30008fbafdc6654846217105afcdcd1f4f4541a3ac9373b1ddda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
strict-transport-security: max-age=15768000
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jun 2024 14:03:33 GMT
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 37641
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 11:53:03 GMT

GET
H2 200 faviconV2
t0.gstatic.com/ 1 KB
2 KB 30ms
30ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://ndr.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba15d07eaf4992281351cb21e94bb61045cd1146c537470d747a0eb27874abc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:35:37 GMT
x-content-type-options: nosniff
age: 206246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1444
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 13:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.ndr.de/favicon-196x196.png
expires: Tue, 11 Jun 2024 14:35:37 GMT

GET
H2 200 image.jpg
www.rtl.de/img/1643165/1717487566/c16_9/1200/ 76 KB
76 KB 114ms
40ms Image
image/jpeg 18.173.187.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rtl.de/img/1643165/1717487566/c16_9/1200/image.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-70.muc50.r.cloudfront.net

Software

Resource Hash

ebb340869f0d36734ca66141bb0115b90764f15ce54c75df6910e2ba847bfe47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 09:14:44 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 52699
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2700000
content-length: 77371
cid: 1643165
x-amz-cf-id: x7BZ8im78zcWwelp7DtMg4ceZ0Dm2GQfnn68SHTNpISYcxgytXY76A==

GET
H2 200 faviconV2
t0.gstatic.com/ 679 B
818 B 29ms
28ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://rtl.de&size=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29dc2ce22835295e630529677fa5e23805a8c5026ea52f76fd2b16b730b4a49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:37:27 GMT
x-content-type-options: nosniff
age: 206136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 679
x-xss-protection: 0
last-modified: Sat, 30 Dec 2023 19:14:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.rtl.de/favicon.ico
expires: Tue, 11 Jun 2024 14:37:27 GMT

GET
H2 200 d8b15a84ca594b79f82809eb8ae74897,fce49398
images.bild.de/665d824cc34cbc2d431c0355/ 156 KB
156 KB 64ms
39ms Image
image/jpeg 23.48.23.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.bild.de/665d824cc34cbc2d431c0355/d8b15a84ca594b79f82809eb8ae74897,fce49398?w=1280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-11.deploy.static.akamaitechnologies.com
Software: Skipper /
Resource Hash: af45db2267d616093819cea377d79b3275af6d0e64284af8e5157bbc6652ea3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fetcher-etag: "40c1ee49997b23820a15090279b26fe6"
x-fetcher-last-modified: Mon, 03 Jun 2024 12:43:30 GMT
date: Thu, 06 Jun 2024 23:53:03 GMT
server: Skipper
etag: "997629868"
content-type: image/jpeg
cache-control: must-revalidate, public
content-length: 159919
expires: Wed, 03 Jul 2024 12:41:22 GMT

GET
H2 200 8bd2bf1c-2afa-4e74-91da-3739c7344d84_w1200_r1.778_fpx55.49_fpy49.99.jpg
cdn.prod.www.spiegel.de/images/ 155 KB
156 KB 46ms
37ms Image
image/jpeg 2a02:26f0:3500:11::215:14d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.www.spiegel.de/images/8bd2bf1c-2afa-4e74-91da-3739c7344d84_w1200_r1.778_fpx55.49_fpy49.99.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b1f2635b6d766c24a5aea04ab3bb6070c12087d8f9cadd4d9622c567a16d6381

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:53:03 GMT
akamai-cache-status: Hit from child
last-modified: Mon, 03 Jun 2024 14:15:12 GMT
x-ttl: 900.000
x-cache-grace: 300.000
etag: "47ecd2b8b0a1a707be2f55f5b4a1def4"
content-type: image/jpeg
cache-control: public, s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 159111
expires: Mon, 03 Jun 2024 17:03:22 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://shiftntp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:43 GMT
x-content-type-options: nosniff
age: 207738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:10:43 GMT

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 22 KB
7 KB 537ms
455ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/platforms?portalUrl=https%3A%2F%2Fshiftntp.com%2F&idx=0&rand=56434&widgetJSId=AR_7&va=true&et=true&format=html&lang=de&extid=0_1000_100_1000_100_691231&px=1136&py=256&vpd=0&settings=true&recs=true&cw=300&key=ONELA2JBJF199O5BKEIEEDG98&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010826&sig=KQe5yxQ2&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fshiftntp.com%2F

Requested by

Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

79e4c28040778158c9dde3072b56e7e3e02041bf9e9ec62fdb43eed969ac5345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jun 2024 23:53:03 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1717717984.566904,VS0,VE422
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: d9675a56c717a3e57ec23af9063ac682
accept-ranges: bytes
content-length: 6773
x-served-by: cache-lga21967-LGA, cache-fra-etou8220094-FRA

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 4 KB
4 KB 26ms
25ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 06 Jul 2024 23:53:04 GMT
date: Thu, 06 Jun 2024 23:53:04 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "1415406c6886077dae89bf474cd6c146:1708851051.235098"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4128
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 25ms
24ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 06 Jul 2024 23:53:04 GMT
date: Thu, 06 Jun 2024 23:53:04 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 460ms
114ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=9dedafa1878c27a64c314a5ad66ccdb1_201052_1717717983939_1&tm=2031&eT=0&widgetWidth=300&widgetHeight=250&widgetX=1136&widgetY=256&wRV=2010826&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=541&oo=true&lo=3373&obreq=2730&mvreq=4908&mvres=5449&cet=4g&to=1717717978555&ll=0&chs=8&ab=0&wl=0&retries=0

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 23:53:04 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: baeedc50e9fb79081fe84974b5fe8ec7
Content-Length: 6

POST
H2 200 / Show response
api.assertcom.de/ 0
307 B 153ms
53ms XHR
text/plain 65.108.134.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.assertcom.de/
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.134.108.65.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jun 2024 23:53:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-store, no-cache, private, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Thu, 01 Jan 1980 00:00:01 GMT

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 22 KB
7 KB 444ms
444ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/platforms?portalUrl=https%3A%2F%2Fshiftntp.com%2F&idx=1&rand=38581&widgetJSId=AR_8&va=true&et=true&format=html&lang=de&t=MWUyYTk0OTQyZjM2NjhiMGM2NWEzOGEwZTdlMDI4MjY=&extid=0_1000_100_1000_100_691231&px=488&py=912&vpd=0&settings=true&recs=true&cw=300&key=ONELA2JBJF199O5BKEIEEDG98&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010826&sig=KQe5yxQ2&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fshiftntp.com%2F

Requested by

Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9a35337118205e1f0b6bb0bf250b12c073aa95fe348a611672cc531a019e7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jun 2024 23:53:04 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1717717984.036895,VS0,VE409
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: 5624f8c6c011cebba0b0110362201364
accept-ranges: bytes
content-length: 6832
x-served-by: cache-lga21948-LGA, cache-fra-etou8220094-FRA

GET
H2 200 monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 7BAE 0
0 25ms
24ms Document
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.7-hotfix.1-prod
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://shiftntp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Thu, 06 Jun 2024 23:53:04 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Thu, 13 Jun 2024 23:53:04 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6IjM4NWZiMmM3MDNjMmVjM2ZkOTBmNTAzNGZkYjliNDE3ZGM0ZWUyOTc5OWI2MDQ2NDhhMWMzMTRiZmZiYjU5ZmIiLCJ3IjozMDAsImgiOjEzNCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
6 KB 118ms
37ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4NWZiMmM3MDNjMmVjM2ZkOTBmNTAzNGZkYjliNDE3ZGM0ZWUyOTc5OWI2MDQ2NDhhMWMzMTRiZmZiYjU5ZmIiLCJ3IjozMDAsImgiOjEzNCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

97450eb2a46c66095c763251eb38194fb1db8ec19a986afa2d69c1d53f493f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 23:53:04 GMT
last-modified: Tue, 04 Jun 2024 14:19:37 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2283758
access-control-allow-credentials: false
x-traceid: 9f53ec802cdd7df3658fdef72a33b006
timing-allow-origin: *, *
content-length: 5446

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 120ms
115ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=292efbadbca79146806a353d8b2c86cb_201052_1717717984400_1&tm=2487&eT=0&widgetWidth=300&widgetHeight=250&widgetX=488&widgetY=912&wRV=2010826&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=448&oo=true&lo=3373&obreq=2730&mvreq=5458&mvres=5906&cet=4g&to=1717717978555&ll=0&chs=8&ab=0&wl=0&retries=0

Requested by

Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 23:53:04 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 56dce73a2cd0a28be9d06dc23804ed1f
Content-Length: 6

POST
H2 200 / Show response
api.assertcom.de/ 0
306 B 53ms
52ms XHR
text/plain 65.108.134.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.assertcom.de/
Requested by: Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/8QgVgQtc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.134.108.65.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jun 2024 23:53:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://shiftntp.com
cache-control: no-store, no-cache, private, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Thu, 01 Jan 1980 00:00:01 GMT

GET
H2 200 eyJpdSI6IjNjYjM4ZjEwM2VmNzM1MzRkNmNjMDQyOWUwNThjMmM1YTExZDQ1MzUwMTgyYjcyNmFiZGZiYzY5MTY5NTgyNDUiLCJ3IjozMDAsImgiOjEzNCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 175ms
175ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNjYjM4ZjEwM2VmNzM1MzRkNmNjMDQyOWUwNThjMmM1YTExZDQ1MzUwMTgyYjcyNmFiZGZiYzY5MTY5NTgyNDUiLCJ3IjozMDAsImgiOjEzNCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

850f8fe8995d8c949c1b71a4adc1bbddc152b6dbf770b918e97ecdc91fc21578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://shiftntp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 23:53:04 GMT
last-modified: Fri, 24 May 2024 08:01:33 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2462400
access-control-allow-credentials: false
x-traceid: e71face83af2a3d43b9bfa75ffbc9a40
timing-allow-origin: *, *
content-length: 8368

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shiftntp.com/	1970-01-21 05:54:13	Name: i18n_redirected Value: de
srm8plmyisn9d7dyn.ay.delivery/	1970-01-20 21:51:49	Name: aym_split-id Value: 33
.shiftntp.com/	1970-01-21 06:44:37	Name: _ga_C8QGCBZ3PC Value: GS1.1.1717717981.1.0.1717717981.60.0.0
.shiftntp.com/	1970-01-20 21:10:04	Name: _gid Value: GA1.2.933928113.1717717982
.shiftntp.com/	1970-01-20 21:08:38	Name: _gat_UA-62117061-23 Value: 1
.shiftntp.com/	1970-01-20 21:08:38	Name: _gat_gtag_UA_62117061_22 Value: 1
.shiftntp.com/	1970-01-21 06:44:37	Name: _ga_01ZJWQVL2J Value: GS1.1.1717717981.1.0.1717717981.0.0.0
.shiftntp.com/	1970-01-21 06:44:37	Name: _ga Value: GA1.1.1127563358.1717717981
.shiftntp.com/	1970-01-21 05:54:13	Name: _hjSessionUser_3623287 Value: eyJpZCI6ImRiYWU0MWM0LWM4MTYtNTVjNy05NGY1LTBkNGMwZGNjNDViMSIsImNyZWF0ZWQiOjE3MTc3MTc5ODE2NjUsImV4aXN0aW5nIjpmYWxzZX0=
.shiftntp.com/	1970-01-20 21:08:39	Name: _hjSession_3623287 Value: eyJpZCI6IjBkMDUyMTZkLWRlMTUtNDA2MC1hMjIwLWJkMzFkZjE1YmYzYSIsImMiOjE3MTc3MTc5ODE2NjYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
shiftntp.com/	1970-01-20 21:08:38	Name: _dd_s Value: rum=0&expire=1717718880309

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shiftntp.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shiftntp.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shiftntp.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shiftntp.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.assertcom.de
cdn.onenews.com
cdn.prod.www.spiegel.de
fonts.googleapis.com
fonts.gstatic.com
i.computer-bild.de
image.brigitte.de
images.bild.de
images.outbrainimg.com
images.t-online.de
images.wunderweib.de
img.zeit.de
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.tag24.de
media0.faz.net
mv.outbrain.com
olntptiles.tiles.ampfeed.com
p6.focus.de
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
securepubads.g.doubleclick.net
shiftntp.com
srm8plmyisn9d7dyn.ay.delivery
static.hotjar.com
stats.g.doubleclick.net
t0.gstatic.com
tcheck.outbrainimg.com
vc.hotjar.io
widget-pixels.outbrain.com
widgets.outbrain.com
www.chip.de
www.faz.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.karlsruhe-insider.de
www.ndr.de
www.presseportal.de
www.rtl.de
www.sueddeutsche.de
www.swr.de
104.102.44.114
104.70.85.86
142.250.185.194
142.250.185.195
142.250.185.72
146.75.122.132
151.101.2.49
172.67.149.20
172.67.214.207
18.173.187.70
18.66.192.32
18.66.192.49
184.30.17.67
193.201.168.19
2001:4860:4802:32::36
23.213.161.205
23.32.101.241
23.48.23.11
23.53.42.153
2600:9000:225b:8000:1e:b6b1:7b80:93a1
2600:9000:237d:c000:10:f12b:3700:93a1
2600:9000:26db:4000:1c:5a8a:b300:93a1
2606:4700:10::6816:151
2606:4700:20::681a:e94
2606:4700::6812:1d9b
2a00:1450:4001:801::2004
2a00:1450:4001:801::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9d
2a02:26f0:1700:186::31ca
2a02:26f0:3100::1735:2b11
2a02:26f0:3100::210:6e1b
2a02:26f0:3500:11::215:14d8
2a02:26f0:480:99a::231f
54.230.228.76
64.202.112.223
65.108.134.244
95.101.149.114
0544be3d50b723d2270a1b6335e4b4ba8d2e102bc9a58d1d20ac6a252c29fc9a
08186ec1cb321f50708b91ca92237f7b18f16c5ef172f5c472823596096b0ed5
0a263575bbe502e389b61fd1329b73cb64fefae9289f6bdf9967add390c1cba7
0e490b9ef1eefebf453acff9bcf90845d010b2f1f5b0a48c16d8fc15d38a37df
0e4efe8202edd33f4d6b956b964dc4d409ef4ef3526f9cef79ab594d1921b0e3
0f24f25a533baf9b72ef99c0b5f535e6b9d42edc146b5cac49dfac8081e5ba4c
1107f4a2c73e2818b9c5d77ce91f4d68fb36954800019928a634b3c7474f83b5
127386631354278cdcd11834148983a671a6a7daf4d199d23a1469a0f9c76889
14c0199e6c7357b2b9095a80664310750efe255b34aca67d70ccc78bc17f52fb
152fb6cb6b311991144a3bdfb284682eabb1e162ea4154c245d3d62825b8e022
168cc8f4213063cb2f39cd1ed0ba8e7e4c33ea6cce40218b5da8e337d1cd539b
1919c29c01440f574e45eff6697cdb21c3ee86525aa995d0348e661a44b42a36
191af99f458a5244677a2a39d9c80b192f627ffee8268a786ee1922d8600cd72
19d2f9aa34eb4db894efc76643e7169470f04190d06ef498cb36865563e82a6e
1a13429d657f30008fbafdc6654846217105afcdcd1f4f4541a3ac9373b1ddda
1a69c33aace2bd37ac8f0f3d5482d50e19e5894580575e958a5d0b8cc61e9a28
1d2cb31b63a5d5a61a1dd4df5de3277688eab2cd38a60f3193ad0e9a27df9b1b
1d36345ef580d0478a47d4c984639613b4529c60bbe152137547ad6eee59a41a
1d6b6cdf8b40ef38f374cd40384f3e39df52af609c44a2190f9eb449621d674b
1dfbe53a85d76efee8125dae47c198d20928e520e55628514e6702508ceab3e4
2002155430eed446db56bf9657a75dc01f4b44dcc697a4eb2ab68b37f7f33ae6
22c5752406d3654c0a2b1ddda8d3f01d50da0ddff3159e6fb3ae727c76b2a1f1
2606c89e6ac48decbd9ac98e28a6a052340f7216c91ebe9c0e90ac0b5b1d513b
261d3217775f480d115f1c824ea4d2927c678ee6370072b0c743584bcaf460a1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28be9a6633497e42851758e4e65310f53218e58cb239cd7abc2a1bc1c57c291f
29aa58c0866292c45f953e49d5f3b88d7cfbc7560c3e82db22124780e5e23689
29dc2ce22835295e630529677fa5e23805a8c5026ea52f76fd2b16b730b4a49d
2ae291ac432771c51b8c92d52200b5553212636c9e189e74bb079745e100f407
2cab29c16a77adf0b74bf42de737f3883c595c8ec3ea099ac1ac8d7339085311
2d847feb76167f0620ec3e858a2aafa714593ca060144a619f70f7ee5108ce25
3536e242732fd104ae5d9c56dd52d387c26daac8ee089ad758bca73daf3c55e7
372f82ee255981558e139402b4b068ccc0a4ce4e12e30363f5bd260bc0f09c29
3c489c1f9402a3335fad9f3e4871b6f83e5544dc451300d8886d5cdc5f3ff778
3da09f3186a507acda85c9fb5afc34a96eef635298edd7d9a048ca60916fd193
40e30adfa7798571a3638d613663cab7a01a0ffb9b6a5b1ad480f1d206cb7d8a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
469a40d0fdbd3e1a958ad70b0bbe8cfc37010e791269a0ad0b2db97463b467a8
49d65cfd9f1c4d536c4f51ce393f5a328bba7528dc4ee1e38b671b68f65f7d92
4a49042b96363a292062a3351b5e602c36474a12bffc6cd1b10b48d7c14571bf
4adce7bc3b8da4dc66a4b0b44d638449cd854163468787a57860742f18cddc4e
4f0ae4b8683fa4c5a09d360107b67e9ff6ec89a9657c57360da7d6bee797c417
519bc2ddf7a2c93dba1118701fbefcb8dc9bc0bfe1813389e97df0fe694ede20
560a481d94b94be28e45a6ee498682f92b2eb99f8f6f5956c9aad969f61ee5e5
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
65f3fb31bcb256fcc90e6d8c40ee54a595e48544a275dbd89e00892442f08c68
66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9
69f12469670e8bf3320cb226b378d4e07d30fd1dac42f5f37e2e91e26b8b048d
69fdd0034615e0e1cdb9a674192ee7383d9227d96f0dac7ffb1bd62e1c491cc4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6e91f3e439b17cc0d234bb2d99acdf9a7f26470e4c4b7e7a72849da8bad9cb
6f9c1ce0ccf96ea2c4270817dd39fa66b8c5dea82757e3e2cdd27c2cfba70aed
72c7dbc8374c7cc139f63e3e357925c58eef11c79a46bc32c19bdec75a07ceac
763bd03b90a7c62dcdb96e919c9f31d18333c6540bcef7dff26eded8922b48d1
772ad15e6a9d9f21deb7f40f2625372ba1b298ada7e7996aceb4630e3796ac92
79e4c28040778158c9dde3072b56e7e3e02041bf9e9ec62fdb43eed969ac5345
7d916cf34096b5120664554578b0f9d3ed32ba6a7cef6dfd88cbc89fe156e9cd
7f21674d6562c61338d156ac056e218d06f8c0b9e6d814f0d1ad4822b490f74f
850f8fe8995d8c949c1b71a4adc1bbddc152b6dbf770b918e97ecdc91fc21578
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
88f3bd37bfefbbecde3f642768c7917f465679b6c1b2e2bf4a5c440c3e0a35ed
8ffdebca5dacdca748f05ae0cb3581e4df4145f41cebd33bf0cda790a2dfc709
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
947ced5bd2a196821cb0d6ecabfefd00729c3a2605fbb1b2b6fffa349bd80ebe
948200517a5dd85db3ae61e6340a0cdc19a9b915c096745d6c2d880a03d7286e
9500335f0bc9980c3afb557004e2c5177febce54359e7011a101472b01d02e1c
97450eb2a46c66095c763251eb38194fb1db8ec19a986afa2d69c1d53f493f02
9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516
98374ddf951a5e6ad21f36fbdfb516e801a214dc362c92b3b56f6c23d2622dc4
9a08a71a70e6fe63a8cb994279c0f72b7a4cd844b350c1f7152a93b07cc7f6f5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9ca6d4a9d1c822c8a6f3a99d140bc0599cbce9a25737848943309681e14ec826
9e36da9a218df70c643ec1b97922c1bbb5236d57a27f64fa23dc134c625ce173
a1a8d6da8d6c354dde0a825e73ee97e439e0ce9e655d4281c633df85e391e790
a23315bcfc2c7b53860d84a3acf8e198d84e38c8953f2bc8bd3001bba932a704
a350ddb6e1066af1713bf3aed1b8efe680ca6af7a38f5fa4b08f7a0b1e37c041
a844a55de3f6811d1f4e79f7c1207d8dade60171a73bc52326cae9884439f965
ae4301f4fab33a82d2cf0d0d6f3ea978d1743a538ac4206fd73b7215e0105173
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af22a873a5aee1a1ad16f013b0a245be9b97b312f595a5ae922c1aaa5f7f0009
af45db2267d616093819cea377d79b3275af6d0e64284af8e5157bbc6652ea3c
b1f2635b6d766c24a5aea04ab3bb6070c12087d8f9cadd4d9622c567a16d6381
b40bd4129e2d39618d4049fcf34f8323eb0734233d80c79d7d6f50af7399b0db
b48e5bc97e369466fad4948d52d55280447ea9ec3e907ab1564014e341d25b0f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6db05cd1af6593429093d1daf29108c6883e0c13d33fe36b2d7c54c41e10d68
b7196cdc65e73dc5603ab909fa3308cf6b2cabf340ed44abed61fced707c4d96
b7f4fc33951dbf0b343b609ea5d58eb41b3f8cf3bae4eb88587145bd3c66f9e7
b7fcd9dc2e72ba53e9655e39f59e69e549a2085b6874b82ab82d9128e0435209
b97c50b3b37b77a82cc9da95adac3abfaa90ba7866af7c6431c04d7db2225729
ba15d07eaf4992281351cb21e94bb61045cd1146c537470d747a0eb27874abc5
be4872ec766e5bb2f93bb9e9d1f45417f324fa506163a246ec5dac6a24ce8c3e
be5560697663e982a9cfb0a5059ed8a6b2b557beb44c3733a4668d614259c8ed
bf50cdbbf49a3977ad7673036a52d08a800086d04953a22caa23cc90a04514e0
c50406ace6a4e145151ea655302b8fb8e1e6b091304764fa8fb46a70daeb3995
c62ceff877d52623bf38524e4406dac59d21cad9f8330240af20c3755b836e78
c6b6f49f4e8c234cb7af13faa0a772f1f47ee1a28401f97ffeb4ee4721fc3ccd
c9a35337118205e1f0b6bb0bf250b12c073aa95fe348a611672cc531a019e7e3
cd4e4166b4759dd7b61e540a2d7db9b97df7a497b654d2c0fd11086cfaf48709
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0db485fb2e7241d4648c7530da8a1afb66574a488ba7db21d8f85539fd2a416
d4b4d26ce56c317997b292cfcfb802b4f0addf5d461979b4e70343571be9ef15
d6b675c6b528b15e7b9ebed431c762b9bdf413c45dbc8588ea8c99c517f41b21
d7df3f74e5fa848175d01d8a32ded4e772951bb7b91f646fc2d6b408b50f1978
d817e765c33464aa6fb3fa27db8e394866149455072c3d9aec0dcd365cbcf153
d9c88bc5ffebbcb1e95bde724551e2e5e5a799668e2b4a1cd23e1067f7e1be15
d9ec430b9aaed45b259c33f3b130291eccf9592dab12e9afde40f09781d62149
da33dc2a1aeadd6afca5aa4d027399b918d05e07330e7e8e370d221797bb1a63
dc70bceac4e7bcc771be5eeba3b19e21c2efe27b23f63699e778208b291f3cb3
dc91695bf55eef13ef0fd2ce72228763ba6c29873a3d9d2d792c47a6452573e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de58972d0ac23c3cfddf0d44875a54f39e563a562a9caae1d79b6f51c9639384
def2bdbc4871cfbd3d18760f73ac050d0bc13ca4c918bc685bce7c74edb22b22
e1b65b281549b4603a50f2d5162855b8570e6eb4df3a48a4526f0071a972bbc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44b6ec67db0a02e20ff40d4dfa10303df3461dbf466a98e2aeb230f85da0105
e4d91849249c2b25d56f87ed0100848161f5305da933601022e263bddc2bab78
e5ce250a37bd6ff824e0fa69d36573223785a52cdcbc8a51e2521a94071d3734
e61bc0a2c4566f30b49132a661f79fda6a0508a20171662df2818194f68a241e
e74b3a23edd2afadde7b1d5ca2e3fd913f665750f4fc17c3989c9d7252bd37be
e7b2e52cec115addb45dec7bfd0ef27e1a3b18b0ebff06fd9635fe809a75cac9
e921277d9f4fcc33dde139e85a54f25aaa39226b5047f86fd4e32cd6b2df95dd
ea45e12ed6c55f4e1024f505bd9030081710d7bb530fd7c2c1d25f2780925197
ebb340869f0d36734ca66141bb0115b90764f15ce54c75df6910e2ba847bfe47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fceba4174f2d6bfaff88ffaa7bc0db9dd284b0bd904dddbf2623d13a17ca3c
f143d2a41d0be0e72fecc52e0ee5eeb6c0b16b646dcdd89160da75d6bbe975f9
f22308922ae307be692cbf871b9dbef0255b7283ab1cf138bed50d11d2b02eee
f30e1ef0ee4c39b12660460cfaa7e3b0dcc1df8a34c5aca811c4fa3155c98137
f4bb0c6fab6a73f3ac7209f7bebbc1918ad5d64dea4f5e16e4128aa826f52c9e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f81b2b14b850fe33ff9b83725b88a7b457c0ba9cbc6d64452d902b1da4c118bd
fb4563e4c20f14425297ad6a85d479d935af992bfeceb6fb8596f63cbce8fa7c
fd204ba05bf5cc268f5864503fcce1e0938d5e9490bfc7cd9ed6f1c86b8a4e9c
fe2ac608040ea114b83b51ff2f04f13f899750aae4f7ac0b217d7105334f714f
ff08a4fe04ddd895c73e21560be716ca5402e4c21013f082ffcd34df2fd9a981

shiftntp.com Open in urlscan Pro 172.67.214.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

100 %HTTPS

45 %IPv6

33 Domains

43 Subdomains

41 IPs

4 Countries

7313 kBTransfer

12208 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shiftntp.com Open in urlscan Pro
172.67.214.207 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

100 %
HTTPS

45 %
IPv6

33
Domains

43
Subdomains

41
IPs

4
Countries

7313 kB
Transfer

12208 kB
Size

11
Cookies

167 HTTP transactions
2 data transactions