urlscan.io logo urlscan.io
SecurityTrails logo

shiftntp.com Open in urlscan Pro
172.67.214.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shiftntp.com/g/
Effective URL: https://shiftntp.com/g
Submission: On September 05 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 69 HTTP transactions. The main IP is 172.67.214.207, located in United States and belongs to CLOUDFLARENET, US. The main domain is shiftntp.com. The Cisco Umbrella rank of the primary domain is 73304.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time shiftntp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    172.67.214.207 (United States)

ASN13335 (CLOUDFLARENET, US)
shiftntp.com
40    2606:4700:10::ac43:ec7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onenews.com
4    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    172.67.149.20 (United States)

ASN13335 (CLOUDFLARENET, US)
srm8plmyisn9d7dyn.ay.delivery
1    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
1    213.239.211.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.211.175.clients.your-server.de
api.assertcom.de
1    142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net
www.googletagmanager.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
40 onenews.com
cdn.onenews.com — Cisco Umbrella Rank: 17689
443 KB
9 shiftntp.com
shiftntp.com — Cisco Umbrella Rank: 73304
34 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
181 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
350 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
4 ay.delivery
srm8plmyisn9d7dyn.ay.delivery — Cisco Umbrella Rank: 37970
185 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 google.com
analytics.google.com — Cisco Umbrella Rank: 238
251 B
1 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 9595
306 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
69 11
Domain Requested by
40 cdn.onenews.com shiftntp.com
cdn.onenews.com
9 shiftntp.com 4 redirects
5 www.googletagmanager.com cdn.onenews.com
shiftntp.com
www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
cdn.onenews.com
4 srm8plmyisn9d7dyn.ay.delivery cdn.onenews.com
3 securepubads.g.doubleclick.net securepubads.g.doubleclick.net
cdn.onenews.com
1 script.hotjar.com srm8plmyisn9d7dyn.ay.delivery
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com cdn.onenews.com
1 api.assertcom.de srm8plmyisn9d7dyn.ay.delivery
1 static.hotjar.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdn.onenews.com
69 14

This site contains no links.

Subject Issuer Validity Valid
shiftntp.com
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
cdn.onenews.com
WE1		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
ay.delivery
WE1		 2024-08-18 -
2024-11-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
api.assertcom.de
R10		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://shiftntp.com/g
Frame ID: A52FAF42C475DFC4D5D0F87D49A234D0
Requests: 67 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WNFNMPW
Frame ID: 8BFE7C032CCEF23D473F5181A85155C3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-C8QGCBZ3PC&gacid=757762189.1725571333&gtm=45je4930v899813937z89101333035za200zb9101333035&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1345976476
Frame ID: F43E9890CA7C9155873C128982464E9F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New Tab

Page URL History Show full URLs

  1. http://shiftntp.com/g/ HTTP 307
    https://shiftntp.com/g/ HTTP 307
    https://shiftntp.com/g Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

69
Requests

96 %
HTTPS

53 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

1322 kB
Transfer

3733 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shiftntp.com/g/ HTTP 307
    https://shiftntp.com/g/ HTTP 307
    https://shiftntp.com/g Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://shiftntp.com/favicon.ico HTTP 307
  • https://shiftntp.com/g
Request Chain 46
  • https://shiftntp.com/favicon-32x32.png HTTP 307
  • https://shiftntp.com/g
Request Chain 47
  • https://shiftntp.com/favicon-16x16.png HTTP 307
  • https://shiftntp.com/g

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request g
shiftntp.com/
Redirect Chain
  • http://shiftntp.com/g/
  • https://shiftntp.com/g/
  • https://shiftntp.com/g
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shiftntp.com/g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
8d289bb8304e9266fef17d35bfd2c45f0a6b0b5e24ac7a9c9f446b58a28a3bc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8be945f10e662ad7-LAX
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 05 Sep 2024 21:22:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOI28csxeGIOOvMsshYArMYklotvskmBHd43R%2BnuoakvlpNbTFCGwpxlHOjrzND1IFc%2B5ZOzX%2FP2gmd7t9ijw%2FSy7sxBjvSoHnzvDaZJajl8iCqZNrASVMYJ5VqhTg4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Nuxt

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8be945f07dd32ad7-LAX
content-length
169
content-type
text/html
date
Thu, 05 Sep 2024 21:22:10 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://shiftntp.com/g
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxqoNPF74b0xYCbCIQ%2BHJaEL35XH5ikM%2FJ0sIuvSXJkUSGHObf%2B0DUFWiX5olL%2F4tUGgAM%2F8pclYF0cygIpFv50u2sVbWr8AnIRtof%2F2cgmpTEtEK7ZxTUOiPQ8CfFs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
entry.C2In1Nxh.css
cdn.onenews.com/public/_nuxt/ 		350 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/entry.C2In1Nxh.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3dabfabfd5805b698d55ec414a106439d8431487216396592cf285b035d627

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:04 GMT
server
cloudflare
age
6648
etag
W/"580eb96bad2b58f5e64e6ec346595c8b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f52f09092e-LAX
CVOZ8LH9.js
cdn.onenews.com/public/_nuxt/ 		601 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c5444cb6fd26045c8cb5605af707d4b5afd66413692e20e3790a713983b013

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:56 GMT
server
cloudflare
age
6645
etag
W/"6c02dd6cde9c80dfdc553368d28297fc"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f52eb02b58-LAX
BWBnrI7z.js
cdn.onenews.com/public/_nuxt/ 		0
301 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BWBnrI7z.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:51 GMT
server
cloudflare
age
6645
etag
W/"89ec23908b82ff80f90df4b8ac5ef6d2"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f5efbc2b58-LAX
DhnRyUS8.js
cdn.onenews.com/public/_nuxt/ 		0
314 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DhnRyUS8.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:01 GMT
server
cloudflare
age
6645
etag
W/"302679b084b7c40a464e59356a0ab97b"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f5ffea2b58-LAX
BwMQTzCX.js
cdn.onenews.com/public/_nuxt/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BwMQTzCX.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:54 GMT
server
cloudflare
age
6645
etag
W/"73d9681e1b83e1e986c63fa0bbf7da19"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f608262b58-LAX
custom.CDnyyjvh.css
cdn.onenews.com/public/_nuxt/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/custom.CDnyyjvh.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 21:57:56 GMT
server
cloudflare
age
6247
etag
W/"c1697140535232fadd86b136a89e2bfe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60fef092e-LAX
CuxbQ4CO.js
cdn.onenews.com/public/_nuxt/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CuxbQ4CO.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:57 GMT
server
cloudflare
age
6645
etag
W/"94111317099d3ee3e610384b49ea039a"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6082d2b58-LAX
V5_Nlixk.js
cdn.onenews.com/public/_nuxt/ 		0
733 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/V5_Nlixk.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:04 GMT
server
cloudflare
age
6645
etag
W/"3dc116c3814a39bc9f61ef0410993db9"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f608332b58-LAX
BPnvktiD.js
cdn.onenews.com/public/_nuxt/ 		0
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BPnvktiD.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:51 GMT
server
cloudflare
age
6645
etag
W/"a01e080f29bee5948b5d588e6b1f9ea1"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f608362b58-LAX
default.C0bk4ueu.css
cdn.onenews.com/public/_nuxt/ 		0
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/default.C0bk4ueu.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:05 GMT
server
cloudflare
age
5513
etag
W/"db9eb34213381e415ca528ac25da08bb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60ff2092e-LAX
Searchbox.Dxb6Esob.css
cdn.onenews.com/public/_nuxt/ 		0
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/Searchbox.Dxb6Esob.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:05 GMT
server
cloudflare
age
5513
etag
W/"5276d5107acf80c44364d2396b7d3c21"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60ff4092e-LAX
CG0IB1oY.js
cdn.onenews.com/public/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CG0IB1oY.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:55 GMT
server
cloudflare
age
6645
etag
W/"2482dc6c48d2e0babbf3b0bad15d8393"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f608392b58-LAX
DuLhT5vz.js
cdn.onenews.com/public/_nuxt/ 		0
949 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DuLhT5vz.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:02 GMT
server
cloudflare
age
6645
etag
W/"cf998a98022b3c8e6faa49c7cfddf351"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6083b2b58-LAX
DXqQCM1T.js
cdn.onenews.com/public/_nuxt/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DXqQCM1T.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:01 GMT
server
cloudflare
age
5475
etag
W/"214a52366b2a9468674ffbeb27bb6227"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6083d2b58-LAX
CfEQjed1.js
cdn.onenews.com/public/_nuxt/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CfEQjed1.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:56 GMT
server
cloudflare
age
5773
etag
W/"3455b3bc0a762df2bd73872f5cb93bd3"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648852b58-LAX
C6r99rsK.js
cdn.onenews.com/public/_nuxt/ 		0
225 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/C6r99rsK.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:54 GMT
server
cloudflare
age
6645
etag
W/"72edc77457de15e2d846d245acecf589"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648892b58-LAX
BvXFuFJw.js
cdn.onenews.com/public/_nuxt/ 		0
910 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BvXFuFJw.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:08:53 GMT
server
cloudflare
age
5475
etag
W/"70dbbbbfed55e6bfc7874ca7d0059f34"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6488d2b58-LAX
CdLEHMNI.js
cdn.onenews.com/public/_nuxt/ 		0
481 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CdLEHMNI.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:56 GMT
server
cloudflare
age
6645
etag
W/"dbae7f8e611f286d5ffdbc7a4109d091"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648912b58-LAX
Da2SryCc.js
cdn.onenews.com/public/_nuxt/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/Da2SryCc.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:01 GMT
server
cloudflare
age
5218
etag
W/"c2ad6446247bbad62d25af346da5feff"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648952b58-LAX
DEqQi9R2.js
cdn.onenews.com/public/_nuxt/ 		0
399 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DEqQi9R2.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:59 GMT
server
cloudflare
age
6645
etag
W/"6b9f06490ece828282bd635cc0351206"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648982b58-LAX
new.D4Q_8npe.css
cdn.onenews.com/public/_nuxt/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/new.D4Q_8npe.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:07 GMT
server
cloudflare
age
5520
etag
W/"cec65472b0aff0fae4ecc097aacbbb2d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60ff8092e-LAX
BDuOVyrw.js
cdn.onenews.com/public/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BDuOVyrw.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:50 GMT
server
cloudflare
age
6645
etag
W/"be9c94bce34164f1ff6d717e8e330335"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6489a2b58-LAX
CN8p_4sa.js
cdn.onenews.com/public/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CN8p_4sa.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:08:55 GMT
server
cloudflare
age
3208
etag
W/"10219fdfd8d9cb9af9839a08b1f97ae9"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648a32b58-LAX
error-404.BdyCVgB5.css
cdn.onenews.com/public/_nuxt/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/error-404.BdyCVgB5.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:05 GMT
server
cloudflare
age
5517
etag
W/"02c719cf6d38570964352a3a21214088"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60ff9092e-LAX
CcVtJQ4y.js
cdn.onenews.com/public/_nuxt/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CcVtJQ4y.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:56 GMT
server
cloudflare
age
6645
etag
W/"1d47b42b20afc0bcc91948ee5a2a0878"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648a42b58-LAX
error-500.DvZZHkxF.css
cdn.onenews.com/public/_nuxt/ 		0
818 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/error-500.DvZZHkxF.css
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:06 GMT
server
cloudflare
age
5521
etag
W/"4c4fbed6b9ff96f6d1890503b02d74ba"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f60ffb092e-LAX
BdnFyKM4.js
cdn.onenews.com/public/_nuxt/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BdnFyKM4.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:52 GMT
server
cloudflare
age
6645
etag
W/"9f50b0f89f45c65a192463922679d0f9"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648a62b58-LAX
raMHeted.js
cdn.onenews.com/public/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75947dc606c5aa981c5b05a89cbaa0206aa64f3c8e0169281d7b4bc224c9109

Request headers

Referer
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:05 GMT
server
cloudflare
age
6645
etag
W/"9a60a6a5a1af819e82e1f3a89680b5c9"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f759c42b58-LAX
C_m2JFSV.js
cdn.onenews.com/public/_nuxt/ 		547 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/C_m2JFSV.js
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02390a4632ac996e2254c844976723515ff58a6d1eaf422c196eab23c24e23d

Request headers

Referer
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:56 GMT
server
cloudflare
age
6645
etag
W/"d9deaa2ebca8e2a087bf6c2b3053c24d"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f759c92b58-LAX
pBOWvzJa.js
cdn.onenews.com/public/_nuxt/ 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/pBOWvzJa.js
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b872fc52bd12691015b90f44bd2922b22de12095e9a9e1a9da01bf2d49f25ce6

Request headers

Referer
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:05 GMT
server
cloudflare
age
6645
etag
W/"b8022b9fa1d403d5cc494fde630a4ea5"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f759d02b58-LAX
AqjZgNGy.js
cdn.onenews.com/public/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/AqjZgNGy.js
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0557d72aac918175a1853bccd1fc42582ef20b65002e842a30b3c7887cd922cc

Request headers

Referer
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:49 GMT
server
cloudflare
age
6645
etag
W/"f995e0d3084081d6c0b860ce63f3f783"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f759d52b58-LAX
MostVisitedTitles.B2amkpnq.css
cdn.onenews.com/public/_nuxt/ 		1 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/MostVisitedTitles.B2amkpnq.css
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37316a015c0a46b93470082826c5eb6d4011db9421a318dc55006b100b4d152d

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:04 GMT
server
cloudflare
age
5504
etag
W/"467f2a31d4d940320942109ca10e833a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
8be945f759a2092e-LAX
g
shiftntp.com/
Redirect Chain
  • https://shiftntp.com/favicon.ico
  • https://shiftntp.com/g
5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shiftntp.com/g
Protocol
H3
Server
172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
8d289bb8304e9266fef17d35bfd2c45f0a6b0b5e24ac7a9c9f446b58a28a3bc4

Request headers

Referer
https://shiftntp.com/g
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Nuxt
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dBRGdqCQIvTv%2BRTJmpQXi8tDVuWWAWPMnDFysEQ4TjOLVeq5GnZkqMuAXsFIUyPVPIWBeG%2B96DU5GBVJhMXHovQGQJryzTgLXpyb1qvWl5FLyuSoEadHTcZrjMjTkZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
8be945f8795f2ad7-LAX
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 05 Sep 2024 21:22:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BviKCPAsnsTPZ1Yy92cp9fUg4JX8t2vV6xEo7k%2BQWwHiaGslfloq202Y9xu%2F8G2QuQLcmVwanebGBar84Ub9VvFjdkxUVVOuVyWHh%2FFJeGsF%2BFAQjlzzfg%2F2DzfD8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://shiftntp.com/g
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8be945f7e8632ad7-LAX
content-length
169
expires
Thu, 01 Jan 1970 00:00:01 GMT
DuLhT5vz.js
cdn.onenews.com/public/_nuxt/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DuLhT5vz.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b224e7db6702981d88a8f1a44501cddf7ce334e4eb01bf53ae50a210dec7278

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:22:02 GMT
server
cloudflare
age
6645
etag
W/"cf998a98022b3c8e6faa49c7cfddf351"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6083b2b58-LAX
C6r99rsK.js
cdn.onenews.com/public/_nuxt/ 		160 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/C6r99rsK.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f261d875f619e93b1498ed5d5f02fe54402ea104c16650a918cb06566acd66d

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:54 GMT
server
cloudflare
age
6645
etag
W/"72edc77457de15e2d846d245acecf589"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648892b58-LAX
BvXFuFJw.js
cdn.onenews.com/public/_nuxt/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/BvXFuFJw.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e490b9ef1eefebf453acff9bcf90845d010b2f1f5b0a48c16d8fc15d38a37df

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:08:53 GMT
server
cloudflare
age
5475
etag
W/"70dbbbbfed55e6bfc7874ca7d0059f34"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6488d2b58-LAX
DEqQi9R2.js
cdn.onenews.com/public/_nuxt/ 		464 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DEqQi9R2.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3534be1fd2d72e455ca2f3f331c3f2b66764a9927423330d566846f6b91a6a

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 21:21:59 GMT
server
cloudflare
age
6645
etag
W/"6b9f06490ece828282bd635cc0351206"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648982b58-LAX
DXqQCM1T.js
cdn.onenews.com/public/_nuxt/ 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/DXqQCM1T.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddffa2be027dbd5332e9a84c81faa9f220c07e0eb7917c794bc599d4710f556

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:01 GMT
server
cloudflare
age
5475
etag
W/"214a52366b2a9468674ffbeb27bb6227"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f6083d2b58-LAX
Da2SryCc.js
cdn.onenews.com/public/_nuxt/ 		86 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/Da2SryCc.js
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a49042b96363a292062a3351b5e602c36474a12bffc6cd1b10b48d7c14571bf

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/raMHeted.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:09:01 GMT
server
cloudflare
age
5218
etag
W/"c2ad6446247bbad62d25af346da5feff"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648952b58-LAX
CN8p_4sa.js
cdn.onenews.com/public/_nuxt/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/CN8p_4sa.js
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a8d6da8d6c354dde0a825e73ee97e439e0ce9e655d4281c633df85e391e790

Request headers

Referer
https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 21:08:55 GMT
server
cloudflare
age
3208
etag
W/"10219fdfd8d9cb9af9839a08b1f97ae9"
vary
Origin, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://shiftntp.com
cache-control
max-age=1800
cf-ray
8be945f648a32b58-LAX
0d55bc4f-a630-4a0d-9781-13b9e131a707.json
cdn.onenews.com/public/_nuxt/builds/meta/ 		139 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.onenews.com/public/_nuxt/builds/meta/0d55bc4f-a630-4a0d-9781-13b9e131a707.json
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ec7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa55866ef00d11693a4cbb08d281ac09555cbff5dce761e3d71af7dc78ce82a

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 04 Sep 2024 21:22:04 GMT
server
cloudflare
etag
W/"467b0fdb171c45e988c9b0a9e8bce1a8"
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://shiftntp.com
cf-ray
8be945f83aef2b58-LAX
ns.html
www.googletagmanager.com/ Frame 8BFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WNFNMPW
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Sep 2024 21:22:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
blue_buildings.png
shiftntp.com/doodles/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shiftntp.com/doodles/blue_buildings.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cc8d30172d2861a18bb5cf144cac603d3602fbe062b63c7a8d9415d7208e8f

Request headers

Referer
https://shiftntp.com/g
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1343
etag
"6142-/x++mWo/gaTx3FksuaoCs4O7zqc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FUhTNkut3eqIir9d5yCF5KR%2Bjvr8e10RiCbIZ6yCM9midEjipbxh6BE3%2Bjrcf%2Fiw9%2FJZYSWfy%2BjivAnkA5QkcFY8fBraKCAJ0OTIDdYz8Atasu2VYAE52fZWQx5IXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8be945f9eb0b2ad7-LAX
alt-svc
h3=":443"; ma=86400
content-length
24898
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fde39fefba0c25d41a1e0d566adc49651a3338975f40c3e379647116a6b9084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 19:58:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Sep 2024 21:22:12 GMT
gtm.js
www.googletagmanager.com/ 		218 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW
Requested by
Host: shiftntp.com
URL: https://shiftntp.com/g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2db056fea16760a32d921ff0aadec0a921d00e6c149527aed1a9c2dc5d93510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79535
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 21:22:12 GMT
sRm8pLMYisn9D7DyN
srm8plmyisn9d7dyn.ay.delivery/manager/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srm8plmyisn9d7dyn.ay.delivery/manager/sRm8pLMYisn9D7DyN
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15092fb5ab3941f66e120c123d1cfde7d5170bcc19f196edbdab4fcddc88cbae

Request headers

Referer
https://shiftntp.com/g
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"jpJNrvP3rp8p2tHrN"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFdF4RBXztJrAjpxZFXigcLUoMUw%2BmQyjva0QAAsQXK8y621tAaRd63LGbWkawm16x2g9k6h8wAy%2FwEtAYCyOnjxfm9ffFYxBpBhZ1n5shlpri8EhuawxETQiqDoSuNGS0MkNwnKIShRKLT7tTsi0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
cf-ray
8be945fc9b8878e9-LAX
link
<https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/manager-script/yield-manager-script-v3.0.16-hotfix.4-prod>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/client-v2.js>; rel=preload; as=script, <https://sRm8pLMYisn9D7DyN.ay.delivery/manager-script/sRm8pLMYisn9D7DyN.splitTest.0?v=qrMErWaDJ3EwxYTdZ>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
g
shiftntp.com/
Redirect Chain
  • https://shiftntp.com/favicon-32x32.png
  • https://shiftntp.com/g
5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shiftntp.com/g
Protocol
H3
Server
172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
8d289bb8304e9266fef17d35bfd2c45f0a6b0b5e24ac7a9c9f446b58a28a3bc4

Request headers

Referer
https://shiftntp.com/g
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Nuxt
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GiE7epQbhdAVWjI7B1eAdHLtlQkp2pA5zIUPYHYFHRAS44dNBhHEyGBmciliNQiQfyZeOPeY0N1KpBdz04d9QXtX2Hq%2B%2F6WTG3drjXlmiq6kd6ZhDAxbAT0uJMTJzss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
8be945fafc942ad7-LAX
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 05 Sep 2024 21:22:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0YYbAf8KlM7VFTGE8DtqYxlxxN3lUOS8fi3wRinwkL0QXLY9hfJozR%2FNDyZVO0N8K9iDcZXZ9KDSlPstlYiKNS4O1ieGYGITCx3gmKE4sFZg2mQSYpY27%2Bl4B8KFzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://shiftntp.com/g
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8be945fa2b662ad7-LAX
content-length
169
expires
Thu, 01 Jan 1970 00:00:01 GMT
g
shiftntp.com/
Redirect Chain
  • https://shiftntp.com/favicon-16x16.png
  • https://shiftntp.com/g
5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shiftntp.com/g
Protocol
H3
Server
172.67.214.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
8d289bb8304e9266fef17d35bfd2c45f0a6b0b5e24ac7a9c9f446b58a28a3bc4

Request headers

Referer
https://shiftntp.com/g
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Nuxt
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLHGQJHG1GmE2t9fOgiXwsffKT%2FQ8xgSWXzmghelAdaPqB6UGtH%2BJN1VjqXFAicy5xy60RzHwfFsUizYOJQ%2F%2Bijbx7YJGaQfNFFSgT455c1uB0JqHrruH1sDVRTCZ70%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
8be945fc6ebd2ad7-LAX
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 05 Sep 2024 21:22:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpfINQSknhbWQZxj40CKaFCG6pMKZ1q9IlwtKn%2Bu0DZmvXdZskbek%2FfHfjqw%2F5IcGBE2Uo6GmiLwvJGcJyOKIn0PujDzXIB5kme3lwhm5VEkdCZRpDqhgA9OfFgbbi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://shiftntp.com/g
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8be945fbee082ad7-LAX
content-length
169
expires
Thu, 01 Jan 1970 00:00:01 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shiftntp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 23:13:47 GMT
x-content-type-options
nosniff
age
252505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Sep 2025 23:13:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
0a1b11bfafdeb7c32167c95ff4d60cf1a7cc0f5290ccbde81d77dab88eb69914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32107
x-xss-protection
0
server
cafe
etag
97 / 19971 / m202408290101 / config-hash: 2517376771826699629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Sep 2024 21:22:13 GMT
yield-manager-script-v3.0.16-hotfix.4-prod
srm8plmyisn9d7dyn.ay.delivery/manager-script/ 		157 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.16-hotfix.4-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a59707a4827e86d02045308e64591489b29f20dd0986837df981916a2941dbf

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOG7GvntiyNYrfc8oNdfQH5yWxzDUnKFls2FC3ZnMnAat%2BSmpXXiUS1g3y5IS%2BJrJOQqQlGCMpt4xU4Mhz8riuU5eGegsOWEf2xXm04uXC0LhcJc0CxHowpCs25R5rm8pPwqs10E7vJaWRKZJ4j2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8be945fd5cc678e9-LAX
alt-svc
h3=":443"; ma=86400
client-v2.js
srm8plmyisn9d7dyn.ay.delivery/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srm8plmyisn9d7dyn.ay.delivery/client-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4770ec6382c966a0c673e25260357bdb2bb57aec451c2b1defb642ca278fac

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
412
etag
W/"66d853fe-190e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctqNFcWnpC4wo3UdiLMQIl7xtfnds3XFW36LzvyJT45V5yBNgZyhzWf9klLNCuMs1AAN8pMe2cir2vx43%2FW5K2YODs0ijrZDYynfJxCZOuzw0gezngUd2t0rqau63BOJMq6Ys0MMk8ylEoGZSBcCAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cf-ray
8be945fd5cc878e9-LAX
alt-svc
h3=":443"; ma=86400
sRm8pLMYisn9D7DyN.splitTest.0
srm8plmyisn9d7dyn.ay.delivery/manager-script/ 		299 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srm8plmyisn9d7dyn.ay.delivery/manager-script/sRm8pLMYisn9D7DyN.splitTest.0?v=qrMErWaDJ3EwxYTdZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522697208e30a5892205e06ddbc887c02ee0902c631c3c46e734e6a35bd43149

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEukVR%2FwMKFYNqETzjuwssIiyUfISxzbEjAFFACo6e%2Bhl2ypSsKxXCsq1Lg6f4At%2BCIQtymHzeUQGwEKr9wd58cVwCS1LG1wIkcbFN1QeOet%2Fe4x1Ro2dV7j9fgdKc6J3Io9Ohyo7Spdp8tBE%2BykoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8be945fd5cc978e9-LAX
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		320 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5edb072416f2a1898fbb273056fc0b43dba59df4f9220e9cc78771633fe00065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107076
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Sep 2024 21:22:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Sep 2024 20:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4569
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 05 Sep 2024 22:06:04 GMT
hotjar-3623287.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3623287.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
aba72d4dbf397512e4276b2d322107bfea6f58a0a91bf6ead9cbd0371fa9945b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Sep 2024 21:21:57 GMT
via
1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
20
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/e57b7c12f91909feadbf6197376d81e3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
HwQOU0vySEp8pIKirEmV-ETDaREl9CaGxIYmfz_gUdotBO0iwjXizA==
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62117061-22&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNFNMPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7beec09ff111df4de09dc697a0d233db54591333a73300ec5557ce687684b3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77513
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 21:22:13 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/ 		479 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 20:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
2303
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152988
x-xss-protection
0
server
cafe
etag
7232803424342751065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Sep 2025 20:43:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		60 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shiftntp.com
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
168cc8f4213063cb2f39cd1ed0ba8e7e4c33ea6cce40218b5da8e337d1cd539b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Thu, 05 Sep 2024 21:22:13 GMT
pageview
api.assertcom.de/ 		0
306 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/pageview
Requested by
Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-01ZJWQVL2J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62117061-22&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c77a404c52f17a082bed761a2481098f46087d0958d008ab4d12098bb5f044a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 21:22:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93242
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Sep 2024 21:22:13 GMT
collect
analytics.google.com/g/ 		0
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-C8QGCBZ3PC&gtm=45je4930v899813937z89101333035za200zb9101333035&_p=1725571332105&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=757762189.1725571333&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725571333&sct=1&seg=0&dl=https%3A%2F%2Fshiftntp.com%2Fg&dt=New%20Tab&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2930
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 21:22:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C8QGCBZ3PC&cid=757762189.1725571333&gtm=45je4930v899813937z89101333035za200zb9101333035&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 21:22:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame F43E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-C8QGCBZ3PC&gacid=757762189.1725571333&gtm=45je4930v899813937z89101333035za200zb9101333035&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1345976476
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8QGCBZ3PC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shiftntp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Sep 2024 21:22:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: srm8plmyisn9d7dyn.ay.delivery
URL: https://srm8plmyisn9d7dyn.ay.delivery/manager-script/yield-manager-script-v3.0.16-hotfix.4-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-77.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3221947
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
HlpsqmJXc4Ui1665i9KReMXjx1rDSp-3zLuyJevQhhzdlfAf7F2gtA==
collect
www.google-analytics.com/j/ 		3 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1907951254&t=pageview&_s=1&dl=https%3A%2F%2Fshiftntp.com%2Fg&ul=en-us&de=UTF-8&dt=New%20Tab&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=440410386&gjid=824480693&cid=757762189.1725571333&tid=UA-62117061-23&_gid=1777683226.1725571334&_r=1&_slc=1&gtm=45He4930n81WNFNMPWv9101333035za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1633185630
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 21:22:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1907951254&t=pageview&_s=1&dl=https%3A%2F%2Fshiftntp.com%2Fg&ul=en-us&de=UTF-8&dt=New%20Tab&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1933945852&gjid=1804564490&cid=757762189.1725571333&tid=UA-62117061-22&_gid=1777683226.1725571334&_r=1&gtm=457e4930za200zb9101333035&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=843878961
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 21:22:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-01ZJWQVL2J&gtm=45je4930h1v9122498964za200&_p=1725571332105&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=757762189.1725571333&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725571333&sct=1&seg=0&dl=https%3A%2F%2Fshiftntp.com%2Fg&dt=New%20Tab&en=page_view&_fv=1&_ss=1&tfd=3335
Requested by
Host: cdn.onenews.com
URL: https://cdn.onenews.com/public/_nuxt/CVOZ8LH9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shiftntp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 21:22:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shiftntp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __NUXT_COLOR_MODE__ object| __NUXT__ object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| __buildAssetsURL function| __publicAssetsURL function| $fetch object| __unctx__ object| __unctx_async_handlers__ object| __vueuse_ssr_handlers__ object| DD_RUM boolean| __VUE__ function| useNuxtApp function| __unhead_injection_handler__ object| analytics object| ayManagerEnv object| dataLayer boolean| isUserIdle object| mixpanelEventCallLog object| assertiveYieldAnalytics object| assertive boolean| isPageVisible object| googletag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| ggeac object| google_js_reporting_queue object| pbjsChunk object| pbjs object| _pbjsGlobals object| assertiveQueue boolean| _assertiveInitialized object| ntv object| adsbygoogle object| _taboola object| OBREvents function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaplugins object| gaData object| google_reactive_ads_global_state

12 Cookies

Domain/Path Name / Value
shiftntp.com/ Name: i18n_redirected
Value: en
srm8plmyisn9d7dyn.ay.delivery/ Name: aym_split-id
Value: 53
.shiftntp.com/ Name: _ga_C8QGCBZ3PC
Value: GS1.1.1725571333.1.0.1725571333.60.0.0
.shiftntp.com/ Name: _gid
Value: GA1.2.1777683226.1725571334
.shiftntp.com/ Name: _gat_UA-62117061-23
Value: 1
.shiftntp.com/ Name: _gat_gtag_UA_62117061_22
Value: 1
.shiftntp.com/ Name: _ga_01ZJWQVL2J
Value: GS1.1.1725571333.1.0.1725571333.0.0.0
.shiftntp.com/ Name: _ga
Value: GA1.1.757762189.1725571333
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.shiftntp.com/ Name: _hjSessionUser_3623287
Value: eyJpZCI6IjU2OWExZjhiLThjZDYtNTRhNi04ZTA4LTRiZjgwNGVhYzM2YiIsImNyZWF0ZWQiOjE3MjU1NzEzMzQxNzAsImV4aXN0aW5nIjpmYWxzZX0=
.shiftntp.com/ Name: _hjSession_3623287
Value: eyJpZCI6IjU0NDQxMzcxLWM1NjYtNDhiNi04NDdhLTczZjYyYTZjZmNhNCIsImMiOjE3MjU1NzEzMzQxNzksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
shiftntp.com/ Name: _dd_s
Value: rum=0&expire=1725572232051

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.assertcom.de
cdn.onenews.com
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
securepubads.g.doubleclick.net
shiftntp.com
srm8plmyisn9d7dyn.ay.delivery
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
108.138.106.49
142.250.65.226
142.250.81.232
172.67.149.20
172.67.214.207
18.164.96.77
2001:4860:4802:34::181
213.239.211.175
2606:4700:10::ac43:ec7
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2002
0557d72aac918175a1853bccd1fc42582ef20b65002e842a30b3c7887cd922cc
0a1b11bfafdeb7c32167c95ff4d60cf1a7cc0f5290ccbde81d77dab88eb69914
0e490b9ef1eefebf453acff9bcf90845d010b2f1f5b0a48c16d8fc15d38a37df
15092fb5ab3941f66e120c123d1cfde7d5170bcc19f196edbdab4fcddc88cbae
168cc8f4213063cb2f39cd1ed0ba8e7e4c33ea6cce40218b5da8e337d1cd539b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f4770ec6382c966a0c673e25260357bdb2bb57aec451c2b1defb642ca278fac
2c3534be1fd2d72e455ca2f3f331c3f2b66764a9927423330d566846f6b91a6a
37316a015c0a46b93470082826c5eb6d4011db9421a318dc55006b100b4d152d
4a49042b96363a292062a3351b5e602c36474a12bffc6cd1b10b48d7c14571bf
522697208e30a5892205e06ddbc887c02ee0902c631c3c46e734e6a35bd43149
5a59707a4827e86d02045308e64591489b29f20dd0986837df981916a2941dbf
5edb072416f2a1898fbb273056fc0b43dba59df4f9220e9cc78771633fe00065
5f261d875f619e93b1498ed5d5f02fe54402ea104c16650a918cb06566acd66d
5fde39fefba0c25d41a1e0d566adc49651a3338975f40c3e379647116a6b9084
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7beec09ff111df4de09dc697a0d233db54591333a73300ec5557ce687684b3cd
7ddffa2be027dbd5332e9a84c81faa9f220c07e0eb7917c794bc599d4710f556
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
84cc8d30172d2861a18bb5cf144cac603d3602fbe062b63c7a8d9415d7208e8f
8b224e7db6702981d88a8f1a44501cddf7ce334e4eb01bf53ae50a210dec7278
8d289bb8304e9266fef17d35bfd2c45f0a6b0b5e24ac7a9c9f446b58a28a3bc4
a1a8d6da8d6c354dde0a825e73ee97e439e0ce9e655d4281c633df85e391e790
aba72d4dbf397512e4276b2d322107bfea6f58a0a91bf6ead9cbd0371fa9945b
b872fc52bd12691015b90f44bd2922b22de12095e9a9e1a9da01bf2d49f25ce6
baa55866ef00d11693a4cbb08d281ac09555cbff5dce761e3d71af7dc78ce82a
c2db056fea16760a32d921ff0aadec0a921d00e6c149527aed1a9c2dc5d93510
c77a404c52f17a082bed761a2481098f46087d0958d008ab4d12098bb5f044a2
cb3dabfabfd5805b698d55ec414a106439d8431487216396592cf285b035d627
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c5444cb6fd26045c8cb5605af707d4b5afd66413692e20e3790a713983b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75947dc606c5aa981c5b05a89cbaa0206aa64f3c8e0169281d7b4bc224c9109
f02390a4632ac996e2254c844976723515ff58a6d1eaf422c196eab23c24e23d
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af