theshiftnews.com Open in urlscan Pro
2606:4700:10::6816:2ec1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Submission: On March 20 via manual (March 20th 2023, 12:56:55 pm UTC) from MT — Scanned from DE

Summary HTTP 183 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 29 domains to perform 183 HTTP transactions. The main IP is 2606:4700:10::6816:2ec1, located in United States and belongs to CLOUDFLARENET, US. The main domain is theshiftnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2022. Valid for: a year.

This is the only time theshiftnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2606:4700:10:... 2606:4700:10::6816:2ec1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:14b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:10:... 2606:4700:10::ac43:1e94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.77.35.11 104.77.35.11	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
183	30

48 2606:4700:10::6816:2ec1 (United States)

ASN13335 (CLOUDFLARENET, US)

theshiftnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:14b (United States)

ASN13335 (CLOUDFLARENET, US)

ua.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1e94 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.35.11 (Glattbrugg, Switzerland) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-35-11.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	theshiftnews.com theshiftnews.com	3 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	583 KB
27	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 168	145 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	525 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 26862 ad4m.at — Cisco Umbrella Rank: 9918 assets.ad4m.at — Cisco Umbrella Rank: 35263	717 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	29 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	243 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	82 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15428	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1230	459 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 95743 static-de.ad4mat.net — Cisco Umbrella Rank: 124399	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720	696 B
2	realtimely.io ua.realtimely.io — Cisco Umbrella Rank: 55241 api.realtimely.io — Cisco Umbrella Rank: 55515	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	121 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 57294	476 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 69301	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 62253	436 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 64174	261 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 317	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1462	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6097	553 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1500	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 595	542 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 649	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	610 B
1	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 51962	8 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1806	4 KB
183	29

	Domain	Requested by
48	theshiftnews.com	theshiftnews.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net theshiftnews.com pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net theshiftnews.com
15	pagead2.googlesyndication.com	theshiftnews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
7	www.google.com	2 redirects theshiftnews.com www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	theshiftnews.com googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	cdnjs.cloudflare.com	theshiftnews.com
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	sync.teads.tv	1 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	theshiftnews.com
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	theshiftnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.realtimely.io	theshiftnews.com
1	region1.google-analytics.com	www.googletagmanager.com
1	getbootstrap.com	theshiftnews.com
1	secure.gravatar.com	theshiftnews.com
1	ua.realtimely.io	theshiftnews.com
183	40

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
twitter.com
www.facebook.com
familypedia.wikia.com
www.pivotconsultancy.com
www.maltatoday.com.mt
lovinmalta.com
www.linkedin.com
api.whatsapp.com
reddit.com

Subject Issuer	Validity	Valid
theshiftnews.com Cloudflare Inc ECC CA-3	`2022-08-17` - `2023-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.realtimely.io GTS CA 1P5	`2023-03-03` - `2023-06-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Frame ID: 79C771BC91B112FED374025EE348ADDF
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 32ADE7D55CB1BEE012FB0E9C7AE9F910
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&co=aHR0cHM6Ly90aGVzaGlmdG5ld3MuY29tOjQ0Mw..&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=joj3combb22d
Frame ID: 945BD9980A71AED35A57362F520F1924
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&adk=1812271804&adf=3025194257&lmt=1594488153&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009127&bpp=7&bdt=310&idt=373&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2498721383521&frm=20&pv=2&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405
Frame ID: F0A466089334A620DF05D60F4A891193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&slotname=6506358167&adk=1402653840&adf=3499857793&pi=t.ma~as.6506358167&w=1110&lmt=1594488153&format=1110x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009134&bpp=2&bdt=317&idt=403&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zy0T33ETgS&p=https%3A//theshiftnews.com&dtd=410
Frame ID: 38852DA969C6B50E5C73670F1F0CCE59
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&slotname=2458467798&adk=3972122683&adf=3146685315&pi=t.ma~as.2458467798&w=300&lmt=1594488153&format=300x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009136&bpp=1&bdt=320&idt=419&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=C7Ftj0Pejq&p=https%3A//theshiftnews.com&dtd=432
Frame ID: 7627CB01F027B956928BF2E0944C8CDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&slotname=2458467798&adk=3051683247&adf=2672717992&pi=t.ma~as.2458467798&w=300&lmt=1594488153&format=300x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009137&bpp=1&bdt=321&idt=436&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C300x250&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=j5etlLJtsU&p=https%3A//theshiftnews.com&dtd=440
Frame ID: 4CAFFBC3946E6A644C53F7673DECEB57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=600&slotname=5512901731&adk=1046334641&adf=323989501&pi=t.ma~as.5512901731&w=300&lmt=1594488153&format=300x600&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009137&bpp=1&bdt=321&idt=445&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gHYe6jtZVT&p=https%3A//theshiftnews.com&dtd=451
Frame ID: 44EE1AF155DB882C44F13658DA8DBAEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&adk=2336177055&adf=494719954&pi=t.aa~a.1398692503~i.15~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1594488153&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2737804246&ad_type=text_image&format=730x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010222&bpp=2&bdt=1406&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600&nras=2&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fcNsfo9Ehm&p=https%3A//theshiftnews.com&dtd=22
Frame ID: 9CEDC4150E2DBED39796AE06AE9E865F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&adk=2336177055&adf=3178594335&pi=t.aa~a.1398692503~i.23~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1594488153&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2737804246&ad_type=text_image&format=730x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010222&bpp=2&bdt=1405&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280&nras=3&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=hflcCTPUbp&p=https%3A//theshiftnews.com&dtd=29
Frame ID: C2D808A9D1EA6E4812F3E60E44E95714
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7
Frame ID: CB09C2BC1C9D046556BAB15300A41A18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 55BA27EC3836BC6703B53F782C9103D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F73C0425A2883463496C8457E1275CE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: DD802F5C34A3C35FEBDFCC65C463539D
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8B964B5D3E724DBA232FCE35E9766804
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E641016E1A936C4664F30FA21DDB28B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D5A4273D9078575DC2495AA3D72B730
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 97021731B7B1932D272FC3BA2DE67B35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 395B44135A5A2C2345F922340BEADBEF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 5A28A0FE4E5FD612524B54B79E79ED13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CfoiDElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoElQJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdbmY-ZPIGC35Qang6m-j07BBcGbbKxFQhKcFVfwQsCahQKlnLCFhgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MDIyMTM4NDE0ODkyNzk2GAA&sigh=TFr9KAPtJHE&uach_m=[UACH]&cid=CAQSPADUE5ymoPkry8ZhaxG3bpL4AXxiutugMl7WLw0G0erp88Jojs1vgiBra8qy2d_GmxQA-Sk-FFkq26Xk4xgB
Frame ID: 8893BC3A241FD3C21B517C6D55CE325F
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D
Frame ID: E94A8909C3D605D866BA4AB8B265A7B7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 922BBBCD35543438B500444F160F6554
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B935FD35A07D25AC962510C4DF6C18F8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Frame ID: 7841A3C4F2A10372CDF057C11AA8B280
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC7148A6E2B7DCF5BB8C9D719DED5045
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6E36E33A969589C23C57B5C9FE16C37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vitals ownership: Untangling the web | The Shift News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

183
Requests

97 %
HTTPS

68 %
IPv6

29
Domains

40
Subdomains

30
IPs

5
Countries

5807 kB
Transfer

10177 kB
Size

24
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/theshiftnews/?hl=en

Search URL Search Domain Scan URL

URL: https://twitter.com/TheShiftNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheShiftNews/

Search URL Search Domain Scan URL

URL: http://familypedia.wikia.com/wiki/Shaukat_Ali_Abdul_Ghafoor
Title: originally based in Libya

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shoaib.walajahi?fref=ts
Title: Mohammed Shoaib Walajahi

Search URL Search Domain Scan URL

URL: http://www.pivotconsultancy.com/management/#management-team
Title: who describes himself as a PPP consultant

Search URL Search Domain Scan URL

URL: http://www.maltatoday.com.mt/news/national/69944/gozo_healthcare_boss_seeks_buyers_for_50_million_renewable_energy_stake#.WmzHVqinFPY
Title: traveling with Ram Tumuluri to sell a stake in a Renewable Energy

Search URL Search Domain Scan URL

URL: https://lovinmalta.com/news/news-breaking/we-spoke-to-the-man-who-made-a-killing-off-vitals-deal-and-this-is-how-it-went
Title: Technoline Malta

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shaukatali.abdulghafoor
Title: His Facebook friends list

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?via=TheShiftNews&text=Vitals%20ownership%3A%20Untangling%20the%20web&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&title=Vitals%20ownership%3A%20Untangling%20the%20web

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Vitals%20ownership%3A%20Untangling%20the%20web%20https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&title=Vitals%20ownership%3A%20Untangling%20the%20web

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECBZxoCMPsMfp34ZvjHti2M&google_cver=1&google_push=Aa02lx9e-uS12fJAY5LAKmpMlRYIp5AYlngd5zfl58KbuemOLa1w-F5mU7IM8bYXzC6gx-3NVs8KUusiJv5TyIAqenaGao2GAggwHc8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBZxoCMPsMfp34ZvjHti2M&google_push=Aa02lx9e-uS12fJAY5LAKmpMlRYIp5AYlngd5zfl58KbuemOLa1w-F5mU7IM8bYXzC6gx-3NVs8KUusiJv5TyIAqenaGao2GAggwHc8

Request Chain 154

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOtm96JJ1qAdpqv--PFUGIQ&google_cver=1&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHasoQqryhd-wjgJQpY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ylq0P2lDRFiGhXs50Ihokg2&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHasoQqryhd-wjgJQpY

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECSbbX7NIpKRGpMF_PaPp0Y&google_cver=1&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJeHhFBNdNFhuOf-j5Bjax0SOL1rUA8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZHVFpNSkotUi03WjNL&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJeHhFBNdNFhuOf-j5Bjax0SOL1rUA8

Request Chain 157

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEM1GWG3zeuppgau_4ldkM&google_cver=1&google_push=Aa02lx8lgf_Av8Ak8iVKqK7aytxMcLU7bYonzSxVYTXcslWJiqzhtePecm3Z3aVXdtYmuoBUwDh9JEneoVp-1-CQGyPRHEzRC0XbpGSm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8lgf_Av8Ak8iVKqK7aytxMcLU7bYonzSxVYTXcslWJiqzhtePecm3Z3aVXdtYmuoBUwDh9JEneoVp-1-CQGyPRHEzRC0XbpGSm HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 176

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMDZqK_H6v0CFXmDgwcd3GAPDw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 179

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1679317011_aec0ca50-c71e-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

183 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/ 112 KB
25 KB 85ms
37ms Document
text/html 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 5354e39386ac532451426dc4764a94b298f004c8fecdd14d2b79215e9e229170

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7aae1e08dff63801-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 12:56:48 GMT
last-modified: Sat, 11 Jul 2020 17:22:33 GMT
link: <https://theshiftnews.com/wp-json/>; rel="https://api.w.org/" <https://theshiftnews.com/wp-json/wp/v2/posts/4313>; rel="alternate"; type="application/json" <https://theshiftnews.com/?p=4313>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUeg0AW22dt4EN%2BVNlo0s8eSRVyVRSfXwS2yLryyRKkq7ANRSBh5VAobCN%2BeW7CR6e1VYwVpBQQuhtS1k7vKAuMj8L2Ceh5OMsTnf3y2e6H%2BqVsBktBn4sNXCAKfh2BwNMO%2F%2BpEaJ22o5YqTEt8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://theshiftnews.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/ 156 KB
17 KB 59ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5160692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17437
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-26f1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zugydoCLBvDS6%2BZO3qiRfZN9z8pGn1J6OUDiFXCRHQTS7lZu7SAuS4%2F3BPpzcXFfg3r7xe2eRVJXELVJpE430gYF2sGO3DCREKS5u4SjjPoNNCer9fGBYxxMvyJvyTqHOHlxm5nvhlLisnFdfG98fnN9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aae1e09684969a3-FRA
expires: Sat, 09 Mar 2024 12:56:48 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 56 KB
11 KB 57ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5158349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10134
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dff5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGe4%2BBAcuWtEjNcy3%2F2%2Fnn5gEE2rkwH7d52JHLcoCXKzVAo67oXbMR8sHg0wtiIe44E5wbsrtEsOUoEE9%2FiFhTSBqdwgV0%2BicdIxF6PxGtMHhcloRxPzaop21x%2BIsn%2F1shH4wmAvWStGClyMJmwM7WyA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aae1e09684b69a3-FRA
expires: Sat, 09 Mar 2024 12:56:48 GMT

GET
H2 200 style.css
theshiftnews.com/wp-content/themes/TheShiftNews/ 50 KB
8 KB 31ms
26ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/style.css?v=20221229
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fbc96b6db215b5b43c4758c01c74832456587482191dbd1e705730e39d1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"63adcf4d-c8e7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ciZ68qebO613gmhCC9AGTaa6v%2B%2B1p7opOETnva9SWoWbq5Df3e%2B78xeBzTwSjaUfFd7%2F141PJnGalHm5o2WdJpZqPAC4M0v%2Fz3lB6Mxz0HN9fNo3Sq4bhB0qKrju%2Bv4qCVmD7ivFMVgpABRJbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938793801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
881 B 63ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 11:12:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H2 200 classic-themes.min.css
theshiftnews.com/wp-includes/css/ 217 B
515 B 22ms
17ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 10:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"63624b75-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAsAhguiqUXNuyoLT3jFOSYEFdn0lKDHRRuxD3aiBd4wJ8WvuV38hol7XOoYeJU6Bi7JnJiqqzxYEOQ8YtWc9KfIfJTbv97PSZWiSHjyIicEu0bjmBXkLfC4ON6QSALhQ5C2YSksXV6yP%2FM59Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09387d3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-law-info-public.css
theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 23ms
18ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.8
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 14:46:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"63b2ee40-c22"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7u%2F1o6J8qQmHB%2BIHu33LDR2NQMY6RXw99PUON80ECPlJOf4E2GP2POZDTXMz71Y%2BISbGaPH67zFZxjdjzIyRto%2FwdPbrG4ymX8bclhl3DqyVr%2BqDv6xF5pJs7Wain74TMQc2UXYLTMCEx4z0bGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09387f3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-law-info-gdpr.css
theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 27 KB
5 KB 26ms
22ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.8
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 14:46:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"63b2ee40-6a71"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWVKXPNFfPGP54R6zFqWLch6iQseSzMVz9MUP1qPVfSZ8EQei%2BVgI8siuu4hhOUYBzih7JUrAmvPaiacY38o4dQy6EHo0GK2KzE67PeALiYkHLnrRiJtf6gr02DRJUGmNSFyzJV2WvRKIz8%2Fwlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938803801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
theshiftnews.com/wp-content/plugins/wpdiscuz/themes/default/ 114 KB
20 KB 24ms
21ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=7.5.3
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 20:43:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2389754
etag: W/"63f3db87-1c83a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vmJM4ub6F%2FffbYa2wc3tfINdzs5cCIF4y%2F17T4qdyIryW0K8xJ1xp17uQtu5%2B%2FXzAUU0gol2rAF1BSZ81bgnga%2BIC%2FTC90aeqOE1cUtS7Jw%2Bq%2FMb8igGkGxhOqpinJQMpH1SvGUMwjNPwNZ%2B%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938813801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fa.min.css
theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/ 11 KB
3 KB 30ms
27ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.3
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 20:43:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2389754
etag: W/"63f3db87-2d07"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRN6iioPIPY%2FEb1658CTsem%2FsG5so3hndMkeeS8dC19Vxvb3v25JacyZsTLKZ7GhmGSKypCFHDIKRA3zIh9K3plnsYhEJKA6CSBq5z4mrZHFBL3bNOy%2Fe8Fv%2BYcdlZGmJQQFk0naKrEsHMjsctU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938823801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wpdiscuz-combo.min.css
theshiftnews.com/wp-content/plugins/wpdiscuz/assets/css/ 36 KB
7 KB 26ms
23ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=6.1.1
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 20:43:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4072288
etag: W/"639cd87f-9023"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZNUrO8jbnaiYHZ2Yt%2FtUbOlqv1CEzLQYTzFHVzRVfX8woGnV%2FPbJtEGspZuwFPfU1VtioCtMHl2CbxB1QyVG5C%2FFJFsSAdDI1F6o%2Bs9qEBUpjU9pnnCfWE4RFHCCw2Y01next8DgfirtQveaUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938833801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pagenavi-css.css
theshiftnews.com/wp-content/plugins/wp-pagenavi/ 374 B
646 B 28ms
25ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 10:43:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"627258eb-176"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGJhXtkro%2FaRPKXtGiLPRhuRRXldr6XUj0nvZWliQlnOLDSyMJ6xk3Eoote6CgNBcBEiSUUbmLPk2U7wrRT7PQslVzgsl%2BIC%2Bw4eWmQBbw%2F3nB4RmU5K2sTrgvc8cMHhMH83DAOIBOfvVX9UcQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938843801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sassy-social-share-public.css
theshiftnews.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
3 KB 23ms
20ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.49
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 20:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 748356
etag: W/"640ce7fe-2752"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHit34ek71AJ16AxAnPBgQp%2BzMN4hy82FrgJHfdhqCNEPE5zs9zXdmwSlpf2PnOXfUntUZkMo8WLXEJbMAk3Dc%2BV6qJ2o6cdoMqJuOflCVvSWl9w6ONBF%2B7iQ8PJhil2tHudX83KEg5pELpmPP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938853801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js_composer.min.css
theshiftnews.com/wp-content/plugins/js_composer/assets/css/ 452 KB
45 KB 34ms
32ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Oct 2022 15:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3801879
etag: W/"634ad1c7-70ee5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndK1H2tskUz01jyVRFEN0NkF8hevh7JfjXlRC4WxPl0V3yuRwNI5rQLkJTWjqbhMso%2FvRBkLDP7QzefEm5G88WII0ncq%2FGBr%2BxavwjNFEgRx2N1rXjKhJks3Zz9HH0GQWoJaFKwsdTnfl%2FxfGm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938863801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pum-site-styles.css
theshiftnews.com/wp-content/uploads/pum/ 17 KB
4 KB 30ms
27ms Stylesheet
text/css 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/uploads/pum/pum-site-styles.css?generated=1678351436&ver=1.18.1
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e811d2e47fbe942af0065eff70a632dd667486f045a2d4d2456e7a0c2a35b795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 08:43:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 891969
etag: W/"64099c4c-4550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il1KMWTUgNanbymVGr62Xit%2FwjJOPXKLS4tjnJuP9Cz%2Fts2AYdz%2BCAz%2B9AJD%2BnQDJz6kxMfTBx3Fp6r5P76jbmuFpcmOZGO7VIDKk7pOZy12O2cKQn095EOBm6mIkrU5nIBlbBxc6Cfr4t1C2PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09388e3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
theshiftnews.com/wp-includes/js/jquery/ 88 KB
32 KB 35ms
33ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 10:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4081822
etag: W/"63624b75-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzn1IzHHP0AbZiFCLss9l7Vkzv4QXtDc1JfHbS7BhC9VZWeEyOAumupr%2FOh9MmFMUILx98UV%2FnVL4vpq%2Fx8GJauTafIH3TwkTJkgtvFBoq%2FSiMi3IAZ96X4kgsQjartqe2tCAsPaQ%2FKJUYQwJ0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09388f3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
theshiftnews.com/wp-includes/js/jquery/ 11 KB
5 KB 30ms
28ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5USXtdJfwErVw1JCnXjyqplkpAQPOpXp9twG%2Bae7hqU%2F4Mn1luD8oP6vVTx6OFrrdKE53zepSwLOY3ULAW%2FUErRoatuwkfCtGY7otCSc%2Bwyh%2BZZ1nLqwkn0aYTbUCN5mU4N%2BDE6zZlxiGJ10nE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938913801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-law-info-public.js Show response
theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
8 KB 31ms
29ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.8
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 14:46:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4075414
etag: W/"63b2ee40-8583"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2Ijp6czwXtcVbsetoafpffU26Dp4RFTi4UOXT555ysd2PPlWZTJ8SG0AiNM4D114KFxdQQRu4mHp2Wtkq3%2B67RPflP2w%2FpJk6U1OcQlKPqWbqcRgxsmpD9v5RRwsFuSL0HJb%2FSf7iznvkn60p4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e0938923801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 76ms
43ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2M9K85TCJE

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f298c1c65d9cdefb0c04e1df499ce9dd41d0efeef4af0e692a5beac98e03cb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 71ms
38ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108509011-1

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d296ebf843649fb4ae2ccb89b4ce9bfc83ce807aa23a88596d8d0660ea96ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44648
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H2 200 script.js Show response
ua.realtimely.io/ 3 KB
2 KB 75ms
28ms Script
application/javascript 2606:4700:20::681a:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.realtimely.io/script.js
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d05e1a0d8d7a5f93e2570db9b6db1d54fd591543c6e3f2dc6ff5f3fd232b3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98507
cf-polished: origSize=4519
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 09:33:44 GMT
server: cloudflare
etag: W/"6385d1f8-11a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBlgyKXuByCwPK5Uo5GjsrSBbajJUhFi0cFqNKT75cLd5R9BTMPkQikFmzM8UVhKvoVUaAAoHQJvG0HEjj%2FtLr3SvSyY1siazTK7AgMEPKFUlJO8eBjXn%2BFBGzb9UTjFHdnw617WFRc%2F0dZRLho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=28800
cf-ray: 7aae1e09f8a19bcb-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 182ms
135ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e999870e7e26d80457219f01b609a9d19a13357557aba1908ef1179d69c27dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48685
x-xss-protection: 0
server: cafe
etag: 11663052415058502180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:49 GMT

GET
H3 200 logo.svg
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 4 KB
2 KB 37ms
30ms Image
image/svg+xml 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/logo.svg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765b6147ff5aa87f5317bb4ff3385d37f5c45c75321b6fd812a2faebe84bd10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 10:43:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13411075
etag: W/"627258ec-fe0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsyeBdAkN0CxpiBkLVSFbLnHeTiBmuGz5fkR9BgsNy3XDpjdIoZpqetd8e6F2%2BB1wMTsYUK%2BhaKB1q%2FaPo1DsOgxoIjaCa4u6Tjoae2C9EYvZz3HNFZebYRgpf6sH3rokTPL6UFCRLP46ImWT3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09bafbbba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 89ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5022138414892796

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2739d1b0990a8a1abb3113d5a3f46caa0ba9acbaf49cd96bc4898c8c25addd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48672
x-xss-protection: 0
server: cafe
etag: 14095841169911095571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H3 200 Vitals-stlukes.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 213 KB
213 KB 85ms
79ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/Vitals-stlukes.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e447314d773b1f12c8e25cbada852cce1832803c227a7b87e3a842c0f91af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 13:54:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6271340b-35299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtRNwvUdCg5szhJ13kExzxeJydtNxIoQFdYmc1fk0FoiNe%2BEkxw%2Bf2CpA7GlDtYu5ldT8CkZanl6tD6RJYVFH%2FB0teQNgMAxF6BIezLEzwQLHbJY3D4AZ84xFU3s9QPNHjdO6z%2FLGA03kzwGGp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bafdbba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 217753

GET
H2 200 95605477e9bfe6e830d1fae33ec11ae6
secure.gravatar.com/avatar/ 4 KB
4 KB 37ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/95605477e9bfe6e830d1fae33ec11ae6?s=96&d=mm&r=g
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bf471cda258b1b385dcde1f76eb7586b20a35a5162bea841dce6c59c5cedf11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 20 Mar 2023 12:56:48 GMT
last-modified: Mon, 26 Oct 2020 16:43:40 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="95605477e9bfe6e830d1fae33ec11ae6.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/95605477e9bfe6e830d1fae33ec11ae6?s=96&d=mm&r=g>; rel="canonical"
content-length: 3798
expires: Mon, 20 Mar 2023 13:01:48 GMT

GET
H3 200 Shaukat-Ali-Abdulghafoor4.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 137 KB
138 KB 134ms
129ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/Shaukat-Ali-Abdulghafoor4.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f2eefeec3981e59bcdd581e446755020678aee0d003a5093c7d0112fc0c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 14:04:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62713681-22443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfkQFyVLurVu77o5SadJL3rzsnvVE7Mfbli5rnSJZ6jCoVs5YoM8o3BevtQMY%2Fj6wpzLamMoN3ltbBGmEWjiE6sc733Leo%2BDyNfa8WmQjWG4HR%2Fb0lGjQZRfy3rAb%2Bmz5nPsmpYnfV9mYQd7Zsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bafebba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140355

GET
H3 200 TSN5-Fundraiser-BottomBanner.jpg
theshiftnews.com/wp-content/uploads/2022/11/ 43 KB
43 KB 36ms
31ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2022/11/TSN5-Fundraiser-BottomBanner.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed89f7b7c23122f45cbc8d922b495057ee7ce043eeddaa2ab8a00f6a7b3b28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1714736
cf-polished: origFmt=jpeg, origSize=149658
content-disposition: inline; filename="TSN5-Fundraiser-BottomBanner.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43830
cf-bgj: imgq:100,h2pri
last-modified: Thu, 10 Nov 2022 13:12:51 GMT
server: cloudflare
etag: "636cf8d3-2489a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrx9LXcQ53060hGLQefu9NgKvnUe18qFoAaLDOgm2OEbQDm5%2FnuKJsS6FQZ2ba2pHzMvZocjemjF57QiGVjxHFr6pm5hzxDiTHlcsxgtQAoLKJoj670qIl4jUFyQZKhWo8N%2B%2BH2LUNR4l4QI%2Bk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb01bba1-FRA

GET
H3 200 Untitled-design79.png
theshiftnews.com/wp-content/uploads/2023/03/ 287 KB
288 KB 50ms
44ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/Untitled-design79.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ce322202ef7e3b01297d200619a12b49eb6c2843ef34d29bb2e29754638d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81897
cf-polished: origFmt=png, origSize=489353
content-disposition: inline; filename="Untitled-design79.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 293934
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Mar 2023 17:01:01 GMT
server: cloudflare
etag: "64134b4d-77789"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3Vh6XY9lrh3MTI84FgN6cxEi2mC%2BgHvJCl%2FtKDLvnxKnpRcen2wdyfThuiVRlnjB4rZXPnTAZW3AxIFjIN3c9d0xIDh9M4k7QxuHNVHmc7xOc%2FNGReVq2%2BUdAmXm%2B9W3Njqh4yqmglKBDimLEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb02bba1-FRA

GET
H3 200 Untitled-design78.png
theshiftnews.com/wp-content/uploads/2023/03/ 159 KB
159 KB 77ms
71ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/Untitled-design78.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6b6208e3083ac1d4e50d2d618710edd22a280caddc4ce9bb3db1692170b5cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365307
cf-polished: origFmt=png, origSize=287627
content-disposition: inline; filename="Untitled-design78.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162402
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Mar 2023 06:20:41 GMT
server: cloudflare
etag: "6412b539-4638b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScyoNZ%2F7sZFWajvKOsUWow4tB%2BvB26FL7yY05%2FFc%2Fk6LnaK5M2N01dlGphQnZnwNyz33P8Kuf3Br3mdkWdTbxxgfQOVraRTshoPyUwGrhxsSQNCCOVW9vLHEkswmqdRTJMHk1NH6giaPh8OGdoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb03bba1-FRA

GET
H3 200 Untitled-design-2023-03-15T090652.833.png
theshiftnews.com/wp-content/uploads/2023/03/ 703 KB
703 KB 101ms
96ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/Untitled-design-2023-03-15T090652.833.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656f5eae36a6930673be3c0cb3f1bb5812304fa7be379afd162bbec9325ac773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441011
cf-polished: origFmt=png, origSize=1219043
content-disposition: inline; filename="Untitled-design-2023-03-15T090652.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 719362
cf-bgj: imgq:100,h2pri
last-modified: Wed, 15 Mar 2023 08:07:03 GMT
server: cloudflare
etag: "64117ca7-1299e3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AWLmdqX2eBY%2FRo2L4WlHhgrqx%2Fxd7AzBw9QQ%2Fx6zp2uIq43xKCu4QVlLDtqjwz1Issgc5i3BaAOS9p%2BoSnS3LeynHUE5AXE2JJft24fSx6jshOeekXSGLuK1JlsdIC5Pxo6liAENWQQfOVmkMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb07bba1-FRA

GET
H3 200 Copy-of-.png
theshiftnews.com/wp-content/uploads/2023/03/ 306 KB
307 KB 119ms
113ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/Copy-of-.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad402ec21f8414d3a6e2be844c3da3ba969d2c507bbffbceee832809fdb2ce16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272660
cf-polished: origFmt=png, origSize=603336
content-disposition: inline; filename="Copy-of-.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 313374
cf-bgj: imgq:100,h2pri
last-modified: Wed, 15 Mar 2023 15:03:33 GMT
server: cloudflare
etag: "6411de45-934c8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUIUPaaZL7Brss8uxDTTihlN9nO%2FBO9kQTdgQUOCO3rihnz%2B8mm5kz%2BTeZejC3C9RoUURMXwSbUsBh651APN45uDwXLvtDI4IoOCzlqeyeFOkcbNparVGizawwXFgGHKHhLgVCs0T%2BZ4KBDlpLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb08bba1-FRA

GET
H3 200 Untitled-design76-1.png
theshiftnews.com/wp-content/uploads/2023/03/ 473 KB
474 KB 38ms
33ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/Untitled-design76-1.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68932d62a324e5767c27558e490e923a479666b635bd774f1897fda1202c851c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272660
cf-polished: origFmt=png, origSize=712406
content-disposition: inline; filename="Untitled-design76-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 484756
cf-bgj: imgq:100,h2pri
last-modified: Wed, 15 Mar 2023 12:57:41 GMT
server: cloudflare
etag: "6411c0c5-aded6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oved%2BOv0h%2B1SE56m5QAIwYtAFGeULVAWUivxgeuNMTFLNQ03ZJRqgWDf%2B5BTjyIJY7oUs5cD1mBtpBJlBSa6%2Bl9lC79BnK6MTArGS5R2yqHTIA1QWZOvJzrTkEwJ35QhZ2IgsRTeE1FSpRGzzmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb09bba1-FRA

GET
H3 200 donate.png
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 7 KB
7 KB 156ms
151ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/donate.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9859264a7cacb37d1e5db8a0dd30b83e1927b2e5bac3dc1103e16f3da7cd9666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 892649
cf-polished: origFmt=png, origSize=18261
content-disposition: inline; filename="donate.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6854
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 May 2022 10:43:56 GMT
server: cloudflare
etag: "627258ec-4755"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoKJwC1H48TfV4tbPT1qe2NbYduLtFDA2QFgguoica45ueMOcwe9sx4p1uMlilTFdcXPI%2BKSh8I%2B9f8hjvnKOwF77lyWkl1KgRFJc5dJfMN8nOPZU4tLmAONqQdY909RnLT8i8xXt0IzuzA4cNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb0bbba1-FRA

GET
H3 200 pra2019.png
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 109 KB
109 KB 157ms
152ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/pra2019.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d10c202069a55090f777516a912bbac8fef315b06598ed8b2821f4217e8580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1716615
cf-polished: origFmt=png, origSize=220810
content-disposition: inline; filename="pra2019.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111302
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 May 2022 10:43:56 GMT
server: cloudflare
etag: "627258ec-35e8a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uW0uv34BgGstwwSIKKk2ZWhcGH8k1lH3yla1S93uACE9FG8HC0TY6PtVURQKlybqAaBNiC3kaPtndF%2B8n02TNjdZwZEohhE%2FFyL4dsCxPVKGwb%2BwrVDZn%2BGtylfLuZ7Qne3hJryaO%2F3KitH6ZQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb0cbba1-FRA

GET
H3 200 sifted2021.png
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 24 KB
24 KB 171ms
167ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/sifted2021.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246a4f9a2c95f204c0914af5d6aa4671d17947892aa992189b71f9e7d573b4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272660
cf-polished: origFmt=png, origSize=72405
content-disposition: inline; filename="sifted2021.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24122
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 May 2022 10:43:56 GMT
server: cloudflare
etag: "627258ec-11ad5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO38D2uyVg2nxG%2FJQjSeJtywEXUW0JorTfShijc6yWG2ovvFwRpvnRpTHzZisa%2FbhFEP0RpGX4ocNW%2B20xlRpdXAcRImUA8RETnFgspqPTcUiVLg8s%2FhKXxJEVbriur8m7q0wvHi2qHFc96QnmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb0ebba1-FRA

GET
H3 200 ipi.png
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 14 KB
15 KB 173ms
168ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ipi.png
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45a025dd7867dea884cf21cb6940090932f78e3a0d506971f088f97c2a5821c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1715990
cf-polished: origFmt=png, origSize=25364
content-disposition: inline; filename="ipi.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14800
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 May 2022 10:43:56 GMT
server: cloudflare
etag: "627258ec-6314"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubsKw9XNIMbKWHK3KGcWdhOU2ASRiiD3w%2Bq7NrSwFXp9IhyQvKPjBq6jyPt%2F3wMfVoXWYz7apwhSYWPuEdnwy3%2Bo3Q7Ld5Zzm28cf%2FC3KRwHWHuzBxfEd4ljjjOpZ%2BFQ3EfzYyCV4tfog0fCJWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09bb10bba1-FRA

GET
H3 200 footer_logo.svg
theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/ 4 KB
2 KB 174ms
169ms Image
image/svg+xml 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/assets/images/footer_logo.svg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04f10184304e35bf3feee57ef89feae5179b1d5b3ce197a6a4e86573719b32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 10:43:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13411074
etag: W/"627258ec-1007"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRhh%2BPj6j2kQKWgrBWgkWWr5J2SWJ5Wzi2ZheeBqlOJDnMiZ9d23RegH6wZEYzwzBhIlaKVO6vfTCuNqkNVrFZYw2%2Fud3yzKI6pbvmQjvMvS3uzNAoKzWS0me3uTLJFr%2BxsdZbXPxdrL1qmve6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09bb11bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.1/assets/js/vendor/ 20 KB
8 KB 96ms
52ms Script
application/javascript 2606:4700:10::ac43:1e94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.1/assets/js/vendor/popper.min.js

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-fastly-request-id: e46af4e63814e00d3c45f832052b3022f8d15712
date: Mon, 20 Mar 2023 12:56:48 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Sun, 19 Mar 2023 15:47:15 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 360
content-encoding: br
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-jnb7022-JNB
last-modified: Sat, 24 Dec 2022 16:43:29 GMT
server: cloudflare
x-github-request-id: B30A:0ED2:18087B6:190B285:640FB539
x-timer: S1679040997.133993,VS0,VE1
etag: W/"63a72c31-4f71"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7aae1e09db04bbd9-FRA
x-cache-hits: 2

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/ 59 KB
14 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4704941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13947
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-ea6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgwLiOhAf8NSdZzIfMNBKIGsl%2BWCUcFwXBIZC4DIbwhp6CXVC6kEJubBJKjJP5kiaR1t4teAMDlO%2BE12SEGq%2FIsdv%2FL7dqhQh8crBSuVal9wOlzC45gRBOiPxABn2%2Bi74LGqlH5XP8i%2BkkOZPLTuX3qS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aae1e09988269a3-FRA
expires: Sat, 09 Mar 2024 12:56:48 GMT

GET
H3 200 less.min.js Show response
cdnjs.cloudflare.com/ajax/libs/less.js/3.11.1/ 146 KB
40 KB 34ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/less.js/3.11.1/less.min.js

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

282c6e716b3681478b1204f2e25a077983ecb2819991cf17428eca4061b5ea1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2853509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40197
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-247a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnwZ1DuGZfZKoZ5ImCWESzMl9zVk4Opgiey4G3N2XCPiXyAhuEh7f%2FutV1T4tIGaemkBU7dSGZPffhMatkZctebI7R6R75e%2BVjrz8BvDcecXdcL0ioyQt3lroOHAFNKNK63Iptt%2BlVS6Ts7YiuUFhsWe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aae1e09b8759174-FRA
expires: Sat, 09 Mar 2024 12:56:48 GMT

GET
H3 200 custom.js Show response
theshiftnews.com/wp-content/themes/TheShiftNews/ 892 B
796 B 23ms
15ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/themes/TheShiftNews/custom.js
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1132d7306869e21339d9d4fa6672bd52c7a6feee86fde46e5b9f774b49d75e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 10:43:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6226667
etag: W/"627258ec-37c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDQCJuOe088347V9BIdsaKtHe80GZ7Yj41qh2nseD7rDL%2FL32danPHCttMBsvPVWoeGkGAWw4AGsQH%2BkGm5rC8yHQnXe%2BJSpLugxdeuV4hXAU%2F6yKr5Nz%2F%2Ffbe3LodKtfeAVzeIEpiXozIiQnh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09bae8bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.adrotate.clicktracker.js Show response
theshiftnews.com/wp-content/plugins/adrotate/library/ 365 B
745 B 24ms
16ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 08:43:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2709071
etag: W/"63d4e03f-16d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye7XL2vuLefm7iW1s7omrah89zQYPjoY6ouQrIeBBBeRV1KfLxJeRn2L1AmMlp7x8TDdX4%2FmmU03sVxz0hxVlKf%2B%2Bjq0hA33N2gt6%2FXDbbYKtpqqsHUeGX3P8ykL74l%2FNpjKxn5xKrFjRyDBXTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baebbba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wpdiscuz-combo.min.js Show response
theshiftnews.com/wp-content/plugins/wpdiscuz/assets/js/ 307 KB
69 KB 48ms
40ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.5.3
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88ade16a4898f80ca0e68847eee08cb7688fff1dbc8a5aff3a6d5ed798da51fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 20:43:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2353480
etag: W/"63f3db87-4cd97"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbV6rYXxSyadTmhw5nRHD0juqvomCu3jZq9PPjeCkWK4oAnhWts0HsjvVpC9jvkSq0DonqBAdODnhjIrOPKSPpGMaJnNF%2FUs%2B57I6vUDDubXzFyJ3zQrxuG6le5pWIl2G6E2Hq5xS4eHp3t1xdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf1bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sassy-social-share-public.js Show response
theshiftnews.com/wp-content/plugins/sassy-social-share/public/js/ 119 KB
40 KB 31ms
24ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.49
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442ded1995bed09d71ebbac985047547e1d12bee2b9824486333e44b0d6365ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 20:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 749216
etag: W/"640ce7fe-1dd7f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk9yfwS8yH1Lx1qS%2Fx5dFBK9RUmkllQi11%2BC4QshbS%2F9wnKjsoKcfQoeUQoPFAEtDCAT8mMBEuWXYruIjXX9eSjpIyOBJfCFYFnI1HUEVD1xJbw0dkkQYyu5V%2Byed7Zq2BQ1yNmiF2A8IN6sS1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf2bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
906 B 49ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&ver=1.1

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b25b1eba3f87154256061b3a61d1b445eb88af71e2a3e0f36d2f9c1a1e453e51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H3 200 js_composer_front.min.js Show response
theshiftnews.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 50ms
43ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Oct 2022 15:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13411075
etag: W/"634ad1c7-4e52"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFFX4yNRiH7TLGkMIxLub%2FEIdC%2Fqyv0LcRnfukq6oyPYjihn6IBCnZbc52jqFaNZqbshREBauVI41FzzwNTC81hON57s%2BzYahxYYROqZqOpkh37b%2B1lOLp%2Ffu%2B%2Fbw9pVcE6F5zRmy7rP7Udey1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf4bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core.min.js Show response
theshiftnews.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 24ms
17ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 10:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11926158
etag: W/"63624b75-53c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiXdx874FZqGHxDK85Fvj%2B1mFlyYAXhMkFnsdB0ucY%2BWHVSIVjcnY7AHaQfCwY17FPBMRAstJBAB8%2Bo97EpwooSvCRxRRZZrtR0P86m0B5AHHgin45V7n2I%2BMD55GMEp8ChCCOkkC6UdCYl%2Fw1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf5bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pum-site-scripts.js Show response
theshiftnews.com/wp-content/uploads/pum/ 68 KB
18 KB 59ms
52ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1678351436&ver=1.18.1
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28327bea7e931342b2d6d409ed0869f040cfe241196283a3ec1e904db477b824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 08:43:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 956820
etag: W/"64099c4c-110ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewPA7B6iCoyPqs0wcyCmvwwj7%2BrDobj01E%2BsEKCOa1HAYjSZRnifFgMTEeQxEAkfBdJEJov8VQt5kcpO3y5iW2BpWRATUEPxHAEG6uqjFDhRTppKEQhOiSAZHwegLBZHDUwY5Iw3o%2BkbVW5ddvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf7bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobile-detect.min.js Show response
theshiftnews.com/wp-content/plugins/popup-maker/assets/js/vendor/ 38 KB
17 KB 25ms
18ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Sep 2022 08:43:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13411074
etag: W/"632ec33f-981e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPJva441xrnbcXbhUsv%2FjzTGzoeoY9Sua0SZboYaAwwnkhn3GDweUgtIYy99mkp3FVvpb9altBMhoBMOR5zErfQvnRXRGb6EArpYjWUI2%2F1ozlnagd4cTycCEOtDSlrI9qtXfItSHr5hRU%2B8mKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09baf9bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 akismet-frontend.js Show response
theshiftnews.com/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 174ms
169ms Script
application/javascript 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669927424
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 20:43:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3915233
etag: W/"63891200-29ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrO8gx%2BZtpWku6J4l7B94s%2BQ9BMpzD5e8zlUQ3NQWXQiESaR%2BWwUdEmGHxGxKJ%2FQiUQ69mQZiZ3JRFvdP%2F7b4HkfUvN%2F%2Bb87Xh4fo%2BAS1rnVo4VO2abRv%2BElU%2BeyjXI8J5164KOKhjrV34CrJWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7aae1e09bb12bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
937 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/wp-content/uploads/pum/pum-site-styles.css?generated=1678351436&ver=1.18.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57816f53bd297e04d4a9a30d1571068bef957813fa5d5837c7438fb7bca05e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 12:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:14:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 12:56:48 GMT

GET
H3 200 PIC-White-Rocks-400x300.jpg
theshiftnews.com/wp-content/uploads/2023/03/ 39 KB
40 KB 161ms
161ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/PIC-White-Rocks-400x300.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9452254500822cbcd3a40c9a74a850b3a338c148b37aa4f24dcee24998a99c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Mar 2023 07:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64156c0f-9dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvgOWOG20hPBS2CIz4FQOJ5ECT8mrRBLZiywhhfH4%2F9YaZQdc%2B0txuz%2BMV8d9GCwGYllpL1UvX1WjhY6dPI1lx66%2FFEm%2B95OPBXvnk%2FSURlvExKxTIuhS63lkUJYMcpjv2csukFCT8rkBXcGd74%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09cb1cbba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40388

GET
H3 200 PIC-BOV-director-James-Grech-with-Lydia-Abela-campaigning-in-2022-2-400x300.jpg
theshiftnews.com/wp-content/uploads/2023/03/ 17 KB
17 KB 170ms
170ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2023/03/PIC-BOV-director-James-Grech-with-Lydia-Abela-campaigning-in-2022-2-400x300.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c741134cd58edf34ba1961ba9ddd481488785620ea1a84f89cdb3086db8391f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196794
cf-polished: origSize=18710, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16962
cf-bgj: imgq:100,h2pri
last-modified: Wed, 15 Mar 2023 06:22:51 GMT
server: cloudflare
etag: "6411643b-4916"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jxo4%2BbOQr%2Bl33HBEaB58v%2F1H5WNrYarRv%2BQeUcz31DFVaCTj1rsmdDRWd3QBcVyDNwNc2rN%2FLBf5OmhiSROyJYKvc2dz4RO5n3T6hKZTQPOKTfBihjkc4pFlKKOzrHXqiD4DVRLUz1ciMIVMpB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09cb1ebba1-FRA

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 55ms
26ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:56:08 GMT
x-content-type-options: nosniff
age: 482440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 22:56:08 GMT

GET
H3 200 fa-brands-400.woff2
theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 75 KB
75 KB 170ms
169ms Font
font/woff2 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-brands-400.woff2
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.3
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6162021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76612
last-modified: Fri, 16 Dec 2022 20:43:43 GMT
server: cloudflare
etag: "639cd87f-12b44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VmN%2BiEueD%2FkX8DlwobOsJ84G9GQJQUfytwuOPc%2FGzlPLX5jkgGxK44G2iN8FicW%2FSLXAoiXCTCoo3DRQNi8aoTFbnxqDdG0%2BmT%2BHnG2Ne6MSI3GkkalulcgF2BHMhSevvGX2XXUGomGdyKvVEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09cb21bba1-FRA

GET
H3 200 fa-solid-900.woff2
theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 78 KB
78 KB 171ms
169ms Font
font/woff2 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://theshiftnews.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.3
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4901103
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79444
last-modified: Fri, 16 Dec 2022 20:43:43 GMT
server: cloudflare
etag: "639cd87f-13654"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYzARY5UEuYaAruYQtqZQ66f1vFfyWO4d%2B%2Bh%2BvbmWmDoL9%2BmOed7kVzW6tut6oVNRoZ%2Bz%2BpAdCzHAHt75RARLXCAq%2BT%2B26q%2FijzwpHkhKNh7QmF3CfrSRYXQh%2BivvEogPEgdZaMTwDJjdy2fnoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e09db23bba1-FRA

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 44ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:11:53 GMT
x-content-type-options: nosniff
age: 344695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 13:11:53 GMT

GET
H2 200 ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2
fonts.gstatic.com/s/notoserif/v21/ 21 KB
22 KB 38ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bc6e295567ab6723e8b71b9cebbaf12239f9a94c804af09e57412ce70c3177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:49:05 GMT
x-content-type-options: nosniff
age: 418063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21916
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:18:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:49:05 GMT

GET
H3 200 70.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 44 KB
45 KB 138ms
137ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/70.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe08d43b9bc0803e09a18cd1fb42be4f6b458140174989a46ec72e4667f6dd19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 13:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "627133ae-b170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YsjtLt5gDqcpzVfdWG7%2FeHOZXLIxUQ2fg4gjgO1Q3vRR0DITjKF7mtzklxdsDaM5Z9UW8w5dvHdzEj4m4UtWGsWZCXw39owXoXSti1RPM8abyGsMuW6UrZjpY6WRmFjBnCxVF0E9anjoOJhm6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e0a0b71bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45424

GET
H3 200 project.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 73 KB
73 KB 141ms
139ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/project.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52d544f0cc4b5646e0943f283586cdf0acb72ac39cbea08b666221dc6e08cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 14:10:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "627137dd-12388"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSnRZgW7CKKDdsleRnrU5Ce5HGVsqEZK70jR3j0zDuq08Jshr8Yt1OapM4NfeF4nvzWo4MKFQy%2BTZg3ZhegdWiajuVz3RdYcHHp9hBR%2Bl6dOiDYLDlUVd64GAY8kurXo6orISm3upynBvZXy%2F6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e0a0b75bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74632

GET
H3 200 understanding.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 95 KB
95 KB 142ms
139ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/understanding.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb15d75d6db05e652ed173154858867ab6116e06ec4b1f6a726a4cbddbe5b414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 11:47:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6271164f-17af9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo6AxChX3dYbQ3mgIvgVkIVM9DfOeV2km7VEuuyvMLosRDk6B2mTKDZh6FXgYq9OMl8Q0bWsOiR9DEEtH%2BBKRdLA8ZODprLe6H1CFoyXuwksz7ZuTqLF6Dr8n0bx64qMRYxCXNB64nbjN7zD1ag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e0a0b76bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97017

GET
H3 200 1.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 25 KB
25 KB 138ms
136ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/1.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a224e48c87ddcf3e5657bacd73839a1c45b0b1abb7a79fa4aadfe421f2e0e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 14:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "627135f9-6238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNX%2BT3%2Fbd3mZ5XeGRBDkGpn1l5cC4ZW%2F67Wg4Owgjtw3KrYQOGiX1fr%2BvtFnuhIBaBswc%2F9GiGL5AvXLsaKwWCQOtsgaCEhl8CgSfKpfX5pbgJe0wmS8PXUT0qmWe3VGE%2Fgg6b4DFxpbAp2RNlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e0a0b78bba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25144

GET
H3 200 2.jpg
theshiftnews.com/wp-content/uploads/2018/01/ 33 KB
34 KB 138ms
137ms Image
image/jpeg 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2018/01/2.jpg
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e037145060676796c6658333e6983314fd289c327453caa6682ccf78cab36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 12:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62711cd4-849c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbRheV2DUS5j1d5tvWNtcq99H0t77gIfaDGvD7tpQoj0iybfMYF36XF89GzkJ4To6XpcCHajUyZHd12lcRcHo8Oq7%2FX8rtIgt7WGSUgLO6VjjpE73rZi38Fpx4SvJtlaDnGhNVD1pnNE8epZB0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e0a0b7abba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33948

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5022138414892796&plah=theshiftnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5022138414892796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e0f374fc5b4e8c4fc06626965f53445df1249091774dbe20dc409d3c17e88da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119661
x-xss-protection: 0
server: cafe
etag: 6176343620785273874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 32AD 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5022138414892796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 18:54:46 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 18:54:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ 407 KB
163 KB 42ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&ver=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Origin: https://theshiftnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166267
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:10:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108509011-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 12:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1996
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 14:23:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 91ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2M9K85TCJE&gtm=45je33f0&_p=386200701&cid=758828850.1679317009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679317009&sct=1&seg=0&dl=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&dt=Vitals%20ownership%3A%20Untangling%20the%20web%20%7C%20The%20Shift%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2M9K85TCJE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theshiftnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
api.realtimely.io/c/ 0
333 B 74ms
43ms Image
text/html 2606:4700:20::681a:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.realtimely.io/c/?p=%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&u=no&h=https%3A%2F%2Ftheshiftnews.com&r=&sid=SHIFT&t=Vitals%20ownership%3A%20Untangling%20the%20web%20%7C%20The%20Shift%20News&qs=%7B%7D&cid=25118497
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu9XTrS%2B9oHlcYfQsSNDNeIB%2Bz5eDOjDk93hDtcU22%2FDfc3wijjmbgNi6TiRQov9z%2Fq%2Fsc2z0k64KeE4xnrr0x3X%2BlQfecww%2F41zNhZq3gSx6n43R49vWhi7LsgsQCKYIUBwBd%2BA5VTamTgMVb8L"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7aae1e0c6c829bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=386200701&t=pageview&_s=1&dl=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&ul=en-us&de=UTF-8&dt=Vitals%20ownership%3A%20Untangling%20the%20web%20%7C%20The%20Shift%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2131653555&gjid=515510787&cid=758828850.1679317009&tid=UA-108509011-1&_gid=1852472210.1679317009&_r=1&gtm=457e33f0&z=1799067699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theshiftnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theshiftnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 945B 48 KB
27 KB 27ms
26ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&co=aHR0cHM6Ly90aGVzaGlmdG5ld3MuY29tOjQ0Mw..&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=joj3combb22d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0282cb81fe62e98da9ec7200defd5019ba3e12695f5864b0eb5bdb313b374cef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NAxIDjN4LpUw9WdoGVxD4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26965
content-security-policy: script-src 'report-sample' 'nonce-NAxIDjN4LpUw9WdoGVxD4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
610 B 44ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=theshiftnews.com&callback=_gfp_s_&client=ca-pub-5022138414892796

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5022138414892796&plah=theshiftnews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4635d180a267763b40c2d2b3f44ca39382fca1b35106d9d6cf900a6613919a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 113ms
28ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=theshiftnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 53ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theshiftnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0A4 398 KB
76 KB 619ms
618ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&adk=1812271804&adf=3025194257&lmt=1594488153&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009127&bpp=7&bdt=310&idt=373&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2498721383521&frm=20&pv=2&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c419d2fd5741d0f9e1a829504aedc7503d0350eb078107b67a8dbaa982385ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77584
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 71ms
22ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-108509011-1&cid=758828850.1679317009&jid=2131653555&gjid=515510787&_gid=1852472210.1679317009&_u=YADAAUAAAAAAACAAI~&z=510131967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theshiftnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 12:56:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theshiftnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3885 101 KB
34 KB 573ms
571ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&slotname=6506358167&adk=1402653840&adf=3499857793&pi=t.ma~as.6506358167&w=1110&lmt=1594488153&format=1110x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009134&bpp=2&bdt=317&idt=403&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zy0T33ETgS&p=https%3A//theshiftnews.com&dtd=410

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d130f9def5a2a9eb8ba34059efe04dda3ab47559000a42cd3662c23ccb2435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 945B 55 KB
24 KB 27ms
10ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&co=aHR0cHM6Ly90aGVzaGlmdG5ld3MuY29tOjQ0Mw..&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=joj3combb22d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 14:38:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 945B 407 KB
162 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166267
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:10:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7627 436 B
234 B 343ms
341ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&slotname=2458467798&adk=3972122683&adf=3146685315&pi=t.ma~as.2458467798&w=300&lmt=1594488153&format=300x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009136&bpp=1&bdt=320&idt=419&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=C7Ftj0Pejq&p=https%3A//theshiftnews.com&dtd=432

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c9df35348295d97683f7eef11cf3edaedac0b1ed58a3483591605343c7b46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:49 GMT
expires: Mon, 20 Mar 2023 12:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CAF 436 B
235 B 370ms
368ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&slotname=2458467798&adk=3051683247&adf=2672717992&pi=t.ma~as.2458467798&w=300&lmt=1594488153&format=300x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009137&bpp=1&bdt=321&idt=436&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C300x250&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=j5etlLJtsU&p=https%3A//theshiftnews.com&dtd=440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b95b6db1010e1702620f554d27f16a985104f0a6c44ab3614cbd0f4c07388ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:49 GMT
expires: Mon, 20 Mar 2023 12:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44EE 436 B
236 B 279ms
277ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=600&slotname=5512901731&adk=1046334641&adf=323989501&pi=t.ma~as.5512901731&w=300&lmt=1594488153&format=300x600&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009137&bpp=1&bdt=321&idt=445&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gHYe6jtZVT&p=https%3A//theshiftnews.com&dtd=451

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc8461b5cfd9b6be0589695d4c177d9c35c271fc66be905d8ca4298e3bda2580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:49 GMT
expires: Mon, 20 Mar 2023 12:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 945B 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:21:16 GMT
x-content-type-options: nosniff
age: 250533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 24 Mar 2023 15:21:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 945B 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 491922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 20:18:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 945B 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 356516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 09:54:53 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 945B 102 B
132 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6798f5bcde77b61afb0b5d323ef9f611c3df67da2faccf4e15a954a8ead85fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCD8MfAAAAAFBjADFSUVwiNDd1Jogcfez90xB6&co=aHR0cHM6Ly90aGVzaGlmdG5ld3MuY29tOjQ0Mw..&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=joj3combb22d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 12:56:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3885 8 KB
991 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&slotname=6506358167&adk=1402653840&adf=3499857793&pi=t.ma~as.6506358167&w=1110&lmt=1594488153&format=1110x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009134&bpp=2&bdt=317&idt=403&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zy0T33ETgS&p=https%3A//theshiftnews.com&dtd=410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 11:29:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 3885 2 KB
846 B 32ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:12:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3885 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUqqjEVgYZN3JIqDhx_AP8ou32A-Jj-q0b9jIlODiEO-Y9ZePDhABIMetlnJgleKQgqAHoAGH-rGLKcgBCagDAcgDywSqBKMCT9CK9RRpYHASQLJhg4xVpS1AflDNVkoqeipPXvzw3H2QG82_0F7CWt5fKZHZBXO4MKFDbzf0RKg8HcdBg7eJLRx55kUGhQ_4Kq-knpUrBZKMJnEQyKu-TnEVkWRb_oGaQwMQn6qgTxmEdcncobJBoBQZw8MQYR_OmNyB5dDHlTya1kP11yIWwmNQyp4iB_awGT7n9ANhS5xeT2i7o8GDrn5L6qjzS9_d8ykXyDlmyl5js3doh2TNLmqZt4BOL8K5gQO5QaoOQ1H2ZH0WOWijWH_l2dkComKDn6Tj2KvsdzTPd_qRItrRrklZC_RURj8vPhztH3OculBdwJ6dig_dJML6k7g4iqRwYRryDDyZ3mCkOogkZq_6_hBibjBInENuYxkKwAS-6JuHmgSSBQQIBBgBkgUECAUYBKAGLoAHh7KC6wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDVMNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTUwMjIxMzg0MTQ4OTI3OTYYAA&sigh=1cILHr7UpSA&uach_m=[UACH]&cid=CAQSGwDUE5ymiYv4or0vbmaHfnRL3s5ne_C133VfqxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&slotname=6506358167&adk=1402653840&adf=3499857793&pi=t.ma~as.6506358167&w=1110&lmt=1594488153&format=1110x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317009134&bpp=2&bdt=317&idt=403&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zy0T33ETgS&p=https%3A//theshiftnews.com&dtd=410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 12:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 3885 22 KB
9 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 3885 3 KB
1 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 08:03:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 3885 20 KB
9 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3885 158 KB
49 KB 250ms
249ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 3885 34 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7403496383721653964/ Frame 3885 25 KB
25 KB 24ms
12ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7403496383721653964/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2f589ed9467c4787253f164173dccbcdb1aba0ed7696b866ac5156acf60f3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:38:42 GMT
x-content-type-options: nosniff
age: 159488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25538
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 07:36:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 16:38:42 GMT

GET
DATA 200
OK truncated
/ Frame 3885 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3885 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3885 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40fee94b34306c5d83f77701c3e31c344854cf5070aff706c6954a096d3428e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 149 KB
51 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4410c9c8ff86b7df8cb3b649c9e519bcd8bbcc684f32f58f106e9981a43f56c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52115
x-xss-protection: 0
server: cafe
etag: 1044989407190192962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=theshiftnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theshiftnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CED 436 B
233 B 411ms
410ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&adk=2336177055&adf=494719954&pi=t.aa~a.1398692503~i.15~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1594488153&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2737804246&ad_type=text_image&format=730x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010222&bpp=2&bdt=1406&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600&nras=2&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fcNsfo9Ehm&p=https%3A//theshiftnews.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87f027a911a0a106c0e181af82b92a753671593db23175c3074e5f51da448360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2D8 436 B
231 B 441ms
440ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=280&adk=2336177055&adf=3178594335&pi=t.aa~a.1398692503~i.23~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1594488153&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2737804246&ad_type=text_image&format=730x280&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010222&bpp=2&bdt=1405&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280&nras=3&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=hflcCTPUbp&p=https%3A//theshiftnews.com&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738e352030f4d80a4189fd20e51e500c8bfb6faa7c83be733d46b933bbb68a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB09 32 KB
13 KB 437ms
437ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5782ec75cc9b26f205b6fec3a368fc9cce2cd913dd21d3d6fd9cd07e12960e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 55BA 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:43:37 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 5F73 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:43:37 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame DD80 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:43:37 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 55BA 4 KB
636 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:18:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 55BA 205 B
229 B 19ms
18ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:55:37 GMT
x-content-type-options: nosniff
age: 73
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Mar 2024 12:55:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 55BA 604 B
628 B 23ms
22ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 11:21:37 GMT
x-content-type-options: nosniff
age: 5713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Mar 2024 11:21:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame 55BA 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:18:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 5F73 2 KB
799 B 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:12:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 5F73 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 5F73 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 08:03:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 5F73 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F73 158 KB
48 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 5F73 34 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame DD80 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
H3 200 16684906554893140862
tpc.googlesyndication.com/daca_images/simgad/ Frame DD80 97 KB
97 KB 11ms
8ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16684906554893140862

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6dbb92042412683149e8aa3e72e182c8aea8525a155d42cbb59c04d27d0aebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:25:55 GMT
x-content-type-options: nosniff
age: 135055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98864
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:10:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 23:25:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame DD80 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 08:03:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame DD80 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD80 158 KB
48 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame DD80 34 KB
14 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13869
x-xss-protection: 0
server: cafe
etag: 12751962951837030032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:15:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8B96 8 KB
895 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 11:40:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8B96 2 KB
765 B 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 8B96 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8B96 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 08:03:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8B96 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B96 158 KB
48 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 8B96 34 KB
14 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E64 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D5A 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3885 28 KB
28 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 417079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H3 200 10116089541548816971
tpc.googlesyndication.com/daca_images/simgad/ Frame 5F73 10 KB
10 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10116089541548816971?w=180&h=360

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f723ef129d292ff91a97ecc2c818f88397ffb4e4411d112db7a819bf95dc5840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9889
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 02:59:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Mar 2023 12:56:50 GMT

GET
DATA 200
OK truncated
/ Frame 5F73 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9770a296bbeaa849d24ad73fa41c033e8cec7503b3a633e6d798cc5edf4b962d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9702 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 12:06:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E64
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5F73 0
18 B 49ms
48ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfYt3EVgYZOL6IfK8x_APisqVkA2wyvnNb5KPq4q0EJf-u-mVDhABIMetlnJgleKQgqAHoAHvnf_bKMgBAakCVIoTSEMBeT6oAwHIA8sEqgShAk_QkfNFlihNEXIkfBQutaN5VsNdST34nEJRe5NK6I9J_a-8y8Qzt656pkPGrgCQQdyPJ7uLMQ7lKuMUmlg7CHKEERqB8NxxPif6vNYnnl2LxYZ8C-iN0R0LObPljHdmqqJsd-GeHQd3jdWsVzfkCz_qDGhbZ75xljIScr4O9mb2Tnack4ntoXRulBGAc-0Pl-y7lk0uGEe4WAMtbD3OSW9G0uhTcrUEhBM2tjb258eVSGw2_l65SE0_e_EOf1pc2g8kBP-X6AKlveEa4rFAmdNStwV_XbobPSChIKqsIyTxzcV5Xp_rxRAexzBoZEf1gHPVwssiF2X2Sw0obCGGybuBYRdXfCCy8caFUH-Z4NCoEp6qkCo2VF3JQlLuMX8ZLf3ABKbMzr77A5IFBAgEGAGSBQQIBRgEoAYCgAfK8dC7A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEMou0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTAyMjEzODQxNDg5Mjc5NhgA&sigh=5ovB6uTtqcM&uach_m=[UACH]&cid=CAQSGwDUE5ymhjCcF6iwlw-miYRlQ03-z2G6Q6xJ_RgB&vis=1

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 12:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 395B 36 KB
14 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 12:06:33 GMT

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A28 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 12:06:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D5A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: Mon, 20 Mar 2023 12:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8893 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfoiDElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoElQJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdbmY-ZPIGC35Qang6m-j07BBcGbbKxFQhKcFVfwQsCahQKlnLCFhgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MDIyMTM4NDE0ODkyNzk2GAA&sigh=TFr9KAPtJHE&uach_m=[UACH]&cid=CAQSPADUE5ymoPkry8ZhaxG3bpL4AXxiutugMl7WLw0G0erp88Jojs1vgiBra8qy2d_GmxQA-Sk-FFkq26Xk4xgB

Requested by

Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 12:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8893 0
0 58ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jgjqfpexpy32tgrcedyjxqenf7ph2788ckg854s5yzs3y1mb4cgb7khagcr04b119cs0w48th9ywbsnbzrxgrv1x3m2p6g705say9hdsjkeezx7rsxxew3k9bqqefe43xq35jrt3d603z795btzzeadrxyqw21etxsndgf3ht14f98j7j86yjfzqetgrnbrd57asm85j82d34d2nsyyan44z379f36yss6kpx1h7c49t7fb6sav3jvnzz29xpx884gqk95bxahqkmy5kr6x9t6brvfqk28abvmwhnnb53j919cx95r5294k2rwhymnn6sakwfc95kepahszxnhkgdk8cgvecwjz51n8d2kc3b0cwrvrygr2nd9qwgzc985be90fmkeavpndnjr&b=ZBhYEgAEulsFkUHHAAZGgwy0Wwy5UkD52HX9cw
Requested by: Host: theshiftnews.com
URL: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 12:56:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E94A 2 KB
3 KB 67ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ffceab06606daeefdbe08e41fabb1a4c39dcc5b633f4b6f9d27ee20fc094f5a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aae1e15dec53639-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8893 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 08:03:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 922B 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 17:46:37 GMT
etag: 48472445140208031
expires: Mon, 20 Mar 2023 17:46:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8893 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8893 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDOGV_kQSwj9c8eV0qn8TdQwBRT-iro3sblEYep6SHlcDe24SDQEUuxm1Qj0KeD89DcOHi8eye9ESTAVggtL8n-NfGxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8893 158 KB
48 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 12:56:50 GMT

GET
DATA 200
OK truncated
/ Frame 8893 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ea65a36aae275c0d6063bc1e6dd9e4b2281fb9e5272b13e8da7b9dcab7c798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 922B 35 B
464 B 28ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM3CFlBUnf2vAENKzsrwUHc&google_cver=1&google_push=Aa02lx-ynMKf_o20WqYqQCuffRvoNOtwWD0frkm_XCTmt9ZotUXkCgHMbVSWDLy_kJyynV1Tt6gckPNV_ioe3dUyka5KT5V87KXKzsY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBZxoCMPsMfp34ZvjHti2M&google_push=Aa02lx9e-uS12fJAY5LAKmpMlRYIp5AYlngd5zfl58KbuemOLa1w-F5mU7...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBZxoCMPsMfp34ZvjHti2M&google_push=Aa02lx9e-uS12fJAY5LAKmpMlRYIp5AYlngd5zfl58KbuemOLa1w-F5mU7IM8bYXzC6gx-3NVs8KUusiJv5TyIAqenaGao2GAggwHc8

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
date: Mon, 20 Mar 2023 12:56:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1679317011.910069,VS0,VE91
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBZxoCMPsMfp34ZvjHti2M&google_push=Aa02lx9e-uS12fJAY5LAKmpMlRYIp5AYlngd5zfl58KbuemOLa1w-F5mU7IM8bYXzC6gx-3NVs8KUusiJv5TyIAqenaGao2GAggwHc8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 922B 0
173 B 60ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK6cLNJ0ewmvNNj8g7H0wLU&google_cver=1&google_push=Aa02lx8x82X6XCsXbob7dZYjs3AeXlNtsmomLNywjAZH4KwCVqxdrYOYr51QQtTLJ6xSgQDqLI-6o7rHfxsOtu4YLr6iCJIhtHr0RM8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOtm96JJ1qAdpqv--PFUGIQ&google_cver=1&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHas...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ylq0P2lDRFiGhXs50Ihokg2&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHasoQqryhd-wjgJQpY

170 B
329 B

19ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ylq0P2lDRFiGhXs50Ihokg2&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHasoQqryhd-wjgJQpY

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Mar 2023 12:56:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ylq0P2lDRFiGhXs50Ihokg2&google_push=Aa02lx_9bpblwX2fobIyZn_AB-ET7xJeLcwmgy9xrgsz53xqYaVt3zruzyiBBUMrEGCEyp_DWCddntCzbP-mvHasoQqryhd-wjgJQpY
x-host: tde-deliveryengine-production-86c874c4d8-f4l8s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 922B 43 B
351 B 60ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIcdvDQGVZA6EnW2xoCP9yI&google_cver=1&google_push=Aa02lx90CpL2QfQ50UbA7lpoffdFOwVXR5_sOp_1qdMch9k_bcAcyeBKjmbFpG1RbxvoRLUY7fzBz9dJrMsRZO1bxpm79VlMSbkNq4s
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5022138414892796&output=html&h=250&adk=3930010116&adf=1400929148&pi=t.aa~a.2321100182~rp.2&w=310&fwrn=4&fwrnh=100&lmt=1594488153&rafmt=1&to=qs&pwprc=2737804246&format=310x250&url=https%3A%2F%2Ftheshiftnews.com%2F2018%2F01%2F27%2Fvitals-ownership-untangling-the-web%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679317010258&bpp=1&bdt=1441&idt=2&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4e80107da258bd9-221864a562dd00f1%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw&gpic=UID%3D00000bc974dff49a%3AT%3D1679317009%3ART%3D1679317009%3AS%3DALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA&prev_fmts=0x0%2C1110x280%2C300x250%2C300x250%2C300x600%2C730x280%2C730x280&nras=4&correlator=2498721383521&frm=20&pv=1&ga_vid=758828850.1679317009&ga_sid=1679317010&ga_hid=386200701&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C42532089%2C44759837%2C31072952&oid=2&psts=AD37Y7tvdFsEhHc8V7mLQRkycMT19S1nNqjuZaEpPv7ODYl0e5_IaNgjR6vNPx05suAOqAH0rUzCWESt6BBw4NLnzDUe7UbV&pvsid=4288765480582794&tmod=1845641553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=3VlFTNOfuw&p=https%3A//theshiftnews.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: q1tjb9ok7jbjetlvk7ep500eg57117g3

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECSbbX7NIpKRGpMF_PaPp0Y&google_cver=1&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZHVFpNSkotUi03WjNL&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJeHhFBNdNFhuOf-j5Bjax0SOL1rUA8

170 B
232 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZHVFpNSkotUi03WjNL&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJeHhFBNdNFhuOf-j5Bjax0SOL1rUA8

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZHVFpNSkotUi03WjNL&google_push=Aa02lx-MVBwrhSU7bMikvrSY-wdG7nRh4WGcTZjUUpBC8RrQytLpnU7XDR08gKZV9aTQE4GSsJeHhFBNdNFhuOf-j5Bjax0SOL1rUA8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 922B
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEM1GWG3zeuppgau_4ldkM&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8lgf_Av8Ak8iVKqK7aytxMcLU7bYonzSxVYTXcslWJiqzhtePecm3Z3aVXdtYmuoBUwDh9JEneoVp-1-CQGyPRHEzRC0XbpGSm
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

50ms
50ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Mon, 20 Mar 2023 12:56:51 GMT
pragma: no-cache
date: Mon, 20 Mar 2023 12:56:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 922B 0
130 B 60ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JP2_ShOHgS1ruwVeqkpqx1xdabNsxzE8W9Pqat67r6tVI1-RrEk_DdiWufU5aLi3foYRd39Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame E94A 94 KB
12 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 440598
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzfj6rdaTDGzLYNtFDwydlKDI5oKMpuBTmA0z9RCslo3gWnLFZTY8FI%2Fy9RYo%2Bpy7U8LUH%2Fqd%2B%2FlsrGH13e3WT5pjvlpEF58x72emUCpIyYJ9Otp8q8agSeMQj4xT%2BmlucSYF1Ha8ps%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7aae1e161f1f3639-FRA
expires: Mon, 20 Mar 2023 13:56:50 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E94A 25 KB
10 KB 31ms
23ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 515473
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdF6uHvw1QGAziF8bIBN4mxdpZtZzAaWu2E9SotuBocf7DlB6QpBJHFCKvpdCRj%2FxFLz22%2FeKkMSZvVcybxgTvKVVVmzbyRTC03NqVTMtLik4UnBzg%2F%2Bs8D1bfUslpLHRTCSC4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7aae1e162f263639-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Mar 2023 13:45:37 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E94A 3 KB
4 KB 45ms
19ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3437
x-guploader-uploadid: ADPycdvPzNjMo9AIUALoUqTWKJBNPOB_RfD71QBfUIwWWIDnAMaYGqyuQcsztbvDytgCKvsyldbe2I5ti2IHjt-ZsBHiHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9J%2FinzncSr14Y%2B%2FoFjAo8Jpf6EIASChumglv9643ixFrWIDo1gehisePcCtbqzWzndS2VakIpTyxi2s0f3zZhT3i%2FWN3T2E31X1CRPUpMaueinbJRG55%2BcY6lKI23s4%2BhdeGPnH3LjVSCk6VPfkMIS5"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7aae1e167cb80493-FRA
expires: Mon, 20 Mar 2023 12:04:59 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B935 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 676375
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7aae1e165bc6bb50-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 20 Mar 2023 12:56:50 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsCZGegU55bUbJl%2BeVkdrjGggAFByu%2B0XwBBHy9tXC1vLpf4qgH8OCA%2BPlg7x2ReMfysjApO%2FSPazbvm3SDCg8tZKK8oaZhKox%2BTqM8umvblN5x%2B%2FICDhfayYZQyVDFi%2BkqHRBI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame E94A 2 KB
2 KB 42ms
40ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7408f2101830f31699e5550dddfa41f5bb7c8c07c8a72b1ce3642f744e007f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdI4mXv5q1qpVDWsFwL%2FSnPUFg2XOTiHNpSJmLSfc%2FgnZuwUDN01MPqACUjp9c7EG0Z99j4lXo0Ne20rgEfw8%2B857DiZjML76Rvx3E3ZjizuXne%2FhPYwB6i0H7v5L7s8IAUYm6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7aae1e16c97f921a-FRA
x-backend-server: aa-reachservice-group-europe-west1-knx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
29ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aae1e169945921a-FRA
content-length: 24
content-type: text/plain
date: Mon, 20 Mar 2023 12:56:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fly6Mf3RgTq318MYZ6dXTjEudbC0RGxCe4zFbIdhSNelwk%2Bpz7a%2FzyZVvSa7kEP9cyj7Rw1lP0cSOX2D8HvVWXZQPFT1cDvUc2dRtwsPwQyit12gCmJUpt6YS78PJozdW075EWs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-knx2

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 54ms
53ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f2d1c10677ab9e4124a855cd2e4d21b22592be42177ba38ee11d094322554b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11228
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 12:56:51 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7841 9 KB
4 KB 31ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cfbb6ad69cac182f20b4ab6e1956a1b4d86ba53feed87d2aa4f4b88a63a939

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gbpj5yh6n3bs86fhhf06141984xxjdmttjxpjya6s5qsbk90ncr1pp3r39w5repyn281x9yjvg0n3ystk5fgcwd12560y8cwkpzhcfed2r30ecf5y1zft1vd9g1f76aq8mhmbg51q21pekswzgwjwecq42nk60a501sja5zbc5pjsgagrvews1avaa6kk8x27hcg747jps4g5ye6d23p3chzqvjvhfx23tnkcx1bsa61vy5aaxrxb3rtwhwkx6xza8d3c8wc5tcg27vfyqtzmkzwaskv1m7tbn17eey7qphcw4h8t5zr7rb5r0cd425fj4ng1tfj42kcmkmw15sz5s17c291kb6ddny49zvw7v2qp342wt1mk3x7cdhqqw77w4kpmqgaev8p9m1d67dfb2erhwqa5y8t3mznvt5g6tf6rxrvx4v4e7ekrjc5dgv100wwjr8g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%26client%3Dca-pub-5022138414892796%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aae1e171c8ebb50-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:51 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC71 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 10:33:15 GMT
expires: Tue, 19 Mar 2024 10:33:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6E3 783 B
536 B 19ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5c16fb430da47c45f8aad57e4598f204514a91f79095fa14bb5ec7e14e55305

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pApQuf_eGGzYtR__WMRB6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theshiftnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-pApQuf_eGGzYtR__WMRB6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 12:56:51 GMT
expires: Mon, 20 Mar 2023 12:56:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 7841 94 KB
12 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 440599
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRRMVgHVxGoc8ZIRfGtp1xUQIo%2Bb4XnzcJqTXmJ4f2owisRXQ%2Fqop%2FhqP9sxviSXUmGMA1%2B8EYVHo5yv%2BcXVVhjEL9%2BmPvrIRNXoMpnOyt0iltaVj%2BX0vE6MQRN4w4w965rAFQAm3Qw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7aae1e175ce2bb50-FRA
expires: Mon, 20 Mar 2023 13:56:51 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 7841 2 KB
3 KB 36ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1409760
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2ZuOfudQOJc9IADsHwQvZgIO%2BqnZf6gFfgoYiH3ryE3RxM%2B4D2G8Xo4Yp3%2F1gl3PiyD7a7BWb20uC9NUdvqb8D%2FwW7zaZoIoaDUBVq1gPUnno%2B7lNEBH4SRHerq5%2B4FhoPPlchmSWHOmzrw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768f63639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 7841 339 KB
340 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1409760
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp7m94Jk5qdNLQ8O7694RcuAQx%2BoAlYbRn4oGuoLu0GUuyEVAeA0F3dQhfazpryqznF5n8K6mUpCjeCFCXV%2FkAqjdG1JsZF8DlZ%2BJeHMNeSpBAflB3nWAR%2FLvnbKnM1iJ%2BWz2xwsEieeMBpS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768f53639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7841 43 B
705 B 211ms
60ms Image
image/gif 104.77.35.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.77.35.11 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-35-11.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Mar 2023 12:56:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7841 53 KB
54 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1409760
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsuP8iyNtBHPK3AF3ig4e2GhO3gSDEBadMK3pQ985XCMstOxz3eftTo%2FCNad59S3r9udaGPw1LzYUGxNl2e8b8SwjMnA2yHjm7b3WxnLlaVvj3TthYLKmqLm538tFqYz4Gp8%2B8aHKdX7%2BU9l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768ed3639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H2 200 94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame 7841 10 KB
11 KB 21ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408870
cf-polished: qual=85, origFmt=jpeg, origSize=57873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:57:42 GMT
server: cloudflare
etag: "cbdcca70875184d14fb32ad75cb24482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxFYLQoMssGg8ucdtXlIVwfm9HZ3Mn2NwAKxib7P9thpttIo4yEysIkuw7UVaxXqx%2FtwpyvZAF9BQA3Qwpab0LrZT19p86RzoIjpae7Wpt5aBJM89ubjHXuCxvHUvueIqPVtiBYT03wMIZHj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768ef3639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 7841
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMDZqK_H6v0CFXmDgwcd3GAPDw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

75ms
18ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 12:56:51 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Mon, 20 Mar 2023 12:56:51 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 7841 44 KB
44 KB 34ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1409760
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02QVsPZcRG6IMQBXd2tkM7EmyEohlG5DyDPe1gyC76tL3fA5mKfwTg2WwGkznsEzBLIVIoQ1ND%2Fnl%2BL2Bmw9iK92gf1eYmaU5QokFEFCM1AMXaosjs1aFzNqDx03e65CJyb9i8%2Fqu7HmlyZT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768f13639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 7841 222 KB
222 KB 27ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=db132527245ae22d8ed198df8442d099%2F11299962328024895369&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1679317011031&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fs1ss42rw5psjfqhxtf5f8y0c4b5m2719gwrh11h813vw0b7vamdge39qf8qx9gsgtxxg18sz4ks0j9d5nw01ceecr0rhytryvj47zfe11dr37p3x8fkqpx2vgvpkeyb1s6y6jzbzqyf7fdq8qthyr43r43s776k2spnasfy6agpp3rzv9149zm5q0c9hd5sm9cddc7bt553za4ekw9mee9zed5dqaw685kt0afj3rg31yjdcc38nqzm7yqtdtnygvv36ntvsfadnwjw342wf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_3_CElgYZNv0EseDxdwPg42ZgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MDIyMTM4NDE0ODkyNzk2yAEJqQKnhC3nouGxPqgDAaoEmAJP0MQEPuPWchFLWEmTNnqqBWL91VdP8B871OqO-uU54QNP5gkZCqysGY5YRJ9nQD20c9xyKpcVtDSSy8rdT_dtH1gM5j9NfR5ysh8BaPW7bQ1KtQ_3x4kk3aRA96JxTXdtm9NyE3EBGXbfurLMSN-FHf2UpFOyl6c8DjstxHYjOsZUUl03pwZr-8Vj7g8ggYKM1mMGEFtp9pB3eKSHwwW1NW_ZBW9-FlaZEL0w4quHCvjqb0S4dj79CzrX2eopSGZ7UBRg9oL53z1znZtEDReHHndijPy54yQdzp-hInJ_gUGhj2SJG37rsWruCAeZdfua2AEf4aq5iS6ofLXqQUJ4ZGx2IT9IWSfHHG7oJDiNWHy7s2GpbNjcgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1BgdBUvGW1Jwu36SdoDer39WliRA%2526client%253Dca-pub-5022138414892796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1409760
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owFdrzNJN42LSq2Buw8Ti4V2oUnzA1%2FVJ1x9v701I9m3EBT4rHh%2BLAGSN0VVJGelKHimT%2FvGONWcDKxEqEuRYkpuJ1HOWZaiBHqcwbgDIS%2BuXmfnrmIxV7YOB6cqkG7xXLuYbItnCO6jeyK2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aae1e1768f33639-FRA
expires: Tue, 21 Mar 2023 12:56:51 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 7841
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1679317011_aec0ca50-c71e-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

0
476 B

47ms
19ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1679317011_aec0ca50-c71e-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7aae1e192affbb80-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 20 Mar 2023 12:56:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1679317011_aec0ca50-c71e-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame BC71 36 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 12:06:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6E3 0
0 44ms
44ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=4288765480582794&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC71 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GVW2wA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3885 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRb0hXf07lPTGlv4GokJEtn4qh5pGcKgN2StAO3Cr22-IeZFbHHF1D00SRt15cFrI77hLemZbCI6HSGfd4DGwMcvMe1-7pPnlRtGs-nrPwjD9EFGKx6vmsrRH79n3EReIGXSM7wA&sai=AMfl-YTuH4-qpkrFbj7nmWI5V1SLXlxBJaoUtELGl_nNq4v8z5VHNpfIcHBDy6mqsnHUgukK6Us7uKCjzTo-&sig=Cg0ArKJSzP6Nbak6xo6xEAE&cid=CAQSGwDUE5ymiYv4or0vbmaHfnRL3s5ne_C133VfqxgB&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1402653840&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679317009546&rpt=1032&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F73 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstPOKgoTX-XlJChFj7qkXWrbDcPXYvVZAgohOBNJIeG0nZoo_04BUH7iK-jYdCir_safmP-4xHw-Ixa9l6w-OY3dvaa9U8yX-32pUQcP-a2WskLwKCD7z-vL2hVmoYVbk_z3TD7Q&sai=AMfl-YRzKVxwLRowLPBlzqpI4Tri5px17XhsLME2Q-4HtY8vvLLL0xL-U76708hnbuVOeZ6oGlCEk-ClZan8&sig=Cg0ArKJSzNn5GofHdKNWEAE&cid=CAQSGwDUE5ymhjCcF6iwlw-miYRlQ03-z2G6Q6xJ_RgB&id=lidar2&mcvt=1000&p=-70,0,430,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679317010320&rpt=231&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 12:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=4288765480582794&bg=!kZKlksbNAAZEjmHWZI47ADkAdvg8WlWZ_2p3AJI_AL0ilqZJNcdaXzvq1ygI75c3-XSkIWQpBg3oK0JZTtVFcVes-yhMT415KBcCAAAAY1IAAAACaAEHmQKfL0kVun5S7rVJeg5aQNQGYAjK-qxwYBFfmln5efB1UHgnrYc0ZuJRae8RSDzJlcjf6-r1VHFWFiwW2MS8MUCz3K9HwVTctFAzIgbbAWHtL2Lv4v59mSZGE0snzMeHh8V-l_0YZH1FiSFfJOzjRwDewTO80lBiUAaNwF6vefxgGh6rVWn05LyW7T7VEtsJS1qAFXMXVuVLVFP8aD8tLG1C1Pg9EsTY6QdwA2Q0xY8DDhmdBfkndvN9ir0PX4In-BTU1W2zUPuLTaFLBSTrvAXWS8_U1cWPXYbUM2LJuahDaICcfsChzeskC-jsUOBzjQ2eIrI9zMchdl5CnT0cuuyVqCHJCz4uKS3t_Uvzk7d8Ad6sgixVt9n3gXXwaoyCs_ymSM8_GWuOAX5_khYpWczE0vpmktYkPcALSD3kQHTIvaJ4fVNMIoLTsKCOmPIDtAszxHAzv6103TTNDNMWVHIPbV3Vr9BaBv2jEhjyiL3W83NRp4RrMI6i-kcg9qQ_Sa0XXLcirVsFpdSyi6lmGc4WPJmJ5XWa_2PyUSStba-MRNi-dmWCc3t1r5UlLZZoWOWTGLu4QnoMvf4PWFJNxgn8kCH25Glh9LX_4CEGa8QrmEfjbE3DO4f95PK0IGtzX91HDCEgQIzmQrBUbCwAN2eoaKIz7UhvrLgegODscr_GPLmdpeYa4nibSYeA2dw9lmHQGQwYceEg6DuWUM2dgOxoMlSKop-T1j8LENdlut4-7IWjzrli0rUUeQQYHeO5NW6YD9mWOUlhi2JEQEDD5oMHunLZRV2pybVNYzoJok7UfZUUs-XMg5fXcFxe87pW23JnSIswRfTxQsbfGIbpADqUGPxg2flp-isqnBcK51ROw6j8rQ8buPzxoJacD30L8Eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 Banner_SupportInvestigativeJournalism.png
theshiftnews.com/wp-content/uploads/2022/06/ 21 KB
21 KB 14ms
13ms Image
image/webp 2606:4700:10::6816:2ec1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theshiftnews.com/wp-content/uploads/2022/06/Banner_SupportInvestigativeJournalism.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ec1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a0eb1e52e35be669a6e78a0bdb5c05e834dec1d62e432cab8823d6ef6ecb38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theshiftnews.com/2018/01/27/vitals-ownership-untangling-the-web/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:56:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104491
cf-polished: origFmt=png, origSize=57886
content-disposition: inline; filename="Banner_SupportInvestigativeJournalism.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21330
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 Jun 2022 20:02:31 GMT
server: cloudflare
etag: "62a10057-e21e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIRWXU%2FAYbjAxzIufY7mkGbEfErinJMHZM2y4vaZYiLEdyukJjzgwNqwivDpLQrmkeycgLZNU2zvemH2QxiWoTjjXNcBWGAIuMccqcdilfLEor5y77THxmHH2JCoYC%2FiUHNW6xEFP4WZjn6zCOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aae1e2c4fe2bba1-FRA

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theshiftnews.com/	1970-01-20 20:04:37	Name: _ga_2M9K85TCJE Value: GS1.1.1679317009.1.0.1679317009.0.0.0
theshiftnews.com/	1970-01-20 19:14:13	Name: cookielawinfo-checkbox-necessary Value: yes
theshiftnews.com/	1970-01-20 19:14:13	Name: cookielawinfo-checkbox-non-necessary Value: yes
.theshiftnews.com/	1970-01-20 20:04:37	Name: _ga Value: GA1.2.758828850.1679317009
.theshiftnews.com/	1970-01-20 10:30:03	Name: _gid Value: GA1.2.1852472210.1679317009
.theshiftnews.com/	1970-01-20 10:28:37	Name: _gat_gtag_UA_108509011_1 Value: 1
.theshiftnews.com/	1970-01-20 19:50:13	Name: __gads Value: ID=d4e80107da258bd9-221864a562dd00f1:T=1679317009:RT=1679317009:S=ALNI_MbcLjeT2o680ZPkMCZ8OLC-Pt4eZw
.theshiftnews.com/	1970-01-20 19:50:13	Name: __gpi Value: UID=00000bc974dff49a:T=1679317009:RT=1679317009:S=ALNI_MYOQAMv8Hz-cjjj1GFxXGkDiAYQsA
.doubleclick.net/	1970-01-20 19:50:13	Name: IDE Value: AHWqTUnulzCOrHaiYwg3P4pnha3nHAVF-HdisoKvhu9BTDtmIDa8pdsxoZzhhICeFM4
.doubleclick.net/	1970-01-20 10:28:40	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 12:38:13	Name: d Value: EHcBCQHHKIEA
.quantserve.com/	1970-01-20 19:58:51	Name: mc Value: 64185812-d32da-38a1c-a9cf4
.blismedia.com/	1970-01-20 19:14:17	Name: b Value: 64185812DDEFADBF09085096BLIS
.travelaudience.com/	1970-01-20 20:00:17	Name: _tracker Value: %7B%22UUID%22%3A%22625AB43F-6943-4458-8685-7B39D0886892%22%7D
.everesttech.net/	1970-01-20 19:14:13	Name: everest_g_v2 Value: g_surferid~ZBhYEgACvA-n5ABG
.awin1.com/	1970-01-20 10:31:29	Name: awpv20044 Value: 412871\|1679317011\|aebbc140-c71e-11ed-b00f-2238801674a3
.awin1.com/	1970-01-20 10:32:56	Name: awpv11354 Value: 412871\|1679317011\|aec0ca50-c71e-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.o2online.de/	1970-01-20 10:38:41	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3OTMxNzAxMXZsZWExZGUyMDIzMDMyMDEzNTY1MTgzMDM4Njk2MTc1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZnFCUnU5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/	1970-01-20 10:38:41	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 10:38:41	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023032013565183038696175X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3OTMxNzAxMXZsZWExZGUyMDIzMDMyMDEzNTY1MTgzMDM4Njk2MTc1WDExNzY3OVYxMjI2MTMyNzAyT
www.conrad.de/	1970-01-20 10:32:56	Name: HTLP_timestamp Value: 1679317011400
www.conrad.de/	1970-01-20 10:32:56	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 10:28:38	Name: __cf_bm Value: BMno5UTRFUvHnjPPJMsUXkhRaNm7sWnYhr7nkWxbqWw-1679317011-0-AVNyJvJwo3q+QSzXdQsRJ25Yie9PCEWSjy/j1dB5OtIFfPlvEq+4j9LJcTD+1MSMOtZXVEI5vyB11e1ZD/hgWUo=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
api.realtimely.io
as.ad4m.at
assets.ad4m.at
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.openx.net
secure.gravatar.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
theshiftnews.com
tpc.googlesyndication.com
tr.blismedia.com
ua.realtimely.io
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
104.111.217.42
104.77.35.11
142.250.186.34
142.250.186.38
151.101.130.49
167.233.13.224
2001:4860:4802:34::36
2600:1901:0:76b9::
2606:4700:10::6816:2ec1
2606:4700:10::ac43:1e94
2606:4700:20::681a:14b
2606:4700:20::681a:61b
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6812:7f05
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:400c:c00::9a
2a04:fa87:fffe::c000:4902
34.96.105.8
35.186.253.211
35.190.0.66
69.173.144.139
84.200.5.215
0282cb81fe62e98da9ec7200defd5019ba3e12695f5864b0eb5bdb313b374cef
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
09c9df35348295d97683f7eef11cf3edaedac0b1ed58a3483591605343c7b46a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1132d7306869e21339d9d4fa6672bd52c7a6feee86fde46e5b9f774b49d75e69
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
246a4f9a2c95f204c0914af5d6aa4671d17947892aa992189b71f9e7d573b4d9
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
282c6e716b3681478b1204f2e25a077983ecb2819991cf17428eca4061b5ea1f
28327bea7e931342b2d6d409ed0869f040cfe241196283a3ec1e904db477b824
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
2d296ebf843649fb4ae2ccb89b4ce9bfc83ce807aa23a88596d8d0660ea96ca2
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
30f2eefeec3981e59bcdd581e446755020678aee0d003a5093c7d0112fc0c110
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40fee94b34306c5d83f77701c3e31c344854cf5070aff706c6954a096d3428e9
41e037145060676796c6658333e6983314fd289c327453caa6682ccf78cab36b
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4410c9c8ff86b7df8cb3b649c9e519bcd8bbcc684f32f58f106e9981a43f56c4
442ded1995bed09d71ebbac985047547e1d12bee2b9824486333e44b0d6365ca
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4635d180a267763b40c2d2b3f44ca39382fca1b35106d9d6cf900a6613919a3d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f374fc5b4e8c4fc06626965f53445df1249091774dbe20dc409d3c17e88da
5354e39386ac532451426dc4764a94b298f004c8fecdd14d2b79215e9e229170
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
57816f53bd297e04d4a9a30d1571068bef957813fa5d5837c7438fb7bca05e06
5782ec75cc9b26f205b6fec3a368fc9cce2cd913dd21d3d6fd9cd07e12960e29
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5ed89f7b7c23122f45cbc8d922b495057ee7ce043eeddaa2ab8a00f6a7b3b28c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
656f5eae36a6930673be3c0cb3f1bb5812304fa7be379afd162bbec9325ac773
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
68932d62a324e5767c27558e490e923a479666b635bd774f1897fda1202c851c
696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694
6a224e48c87ddcf3e5657bacd73839a1c45b0b1abb7a79fa4aadfe421f2e0e31
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6c741134cd58edf34ba1961ba9ddd481488785620ea1a84f89cdb3086db8391f
6ffceab06606daeefdbe08e41fabb1a4c39dcc5b633f4b6f9d27ee20fc094f5a
738e352030f4d80a4189fd20e51e500c8bfb6faa7c83be733d46b933bbb68a57
765b6147ff5aa87f5317bb4ff3385d37f5c45c75321b6fd812a2faebe84bd10b
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
7a6fbc96b6db215b5b43c4758c01c74832456587482191dbd1e705730e39d1b0
7b95b6db1010e1702620f554d27f16a985104f0a6c44ab3614cbd0f4c07388ac
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
83d130f9def5a2a9eb8ba34059efe04dda3ab47559000a42cd3662c23ccb2435
87f027a911a0a106c0e181af82b92a753671593db23175c3074e5f51da448360
88ade16a4898f80ca0e68847eee08cb7688fff1dbc8a5aff3a6d5ed798da51fb
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96ce322202ef7e3b01297d200619a12b49eb6c2843ef34d29bb2e29754638d84
9770a296bbeaa849d24ad73fa41c033e8cec7503b3a633e6d798cc5edf4b962d
9859264a7cacb37d1e5db8a0dd30b83e1927b2e5bac3dc1103e16f3da7cd9666
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9d05e1a0d8d7a5f93e2570db9b6db1d54fd591543c6e3f2dc6ff5f3fd232b3b0
9e999870e7e26d80457219f01b609a9d19a13357557aba1908ef1179d69c27dd
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ea65a36aae275c0d6063bc1e6dd9e4b2281fb9e5272b13e8da7b9dcab7c798
a2a0eb1e52e35be669a6e78a0bdb5c05e834dec1d62e432cab8823d6ef6ecb38
a3e447314d773b1f12c8e25cbada852cce1832803c227a7b87e3a842c0f91af4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
ad402ec21f8414d3a6e2be844c3da3ba969d2c507bbffbceee832809fdb2ce16
ae7408f2101830f31699e5550dddfa41f5bb7c8c07c8a72b1ce3642f744e007f
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b04f10184304e35bf3feee57ef89feae5179b1d5b3ce197a6a4e86573719b32e
b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de
b25b1eba3f87154256061b3a61d1b445eb88af71e2a3e0f36d2f9c1a1e453e51
b5bc6e295567ab6723e8b71b9cebbaf12239f9a94c804af09e57412ce70c3177
bf471cda258b1b385dcde1f76eb7586b20a35a5162bea841dce6c59c5cedf11f
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c2739d1b0990a8a1abb3113d5a3f46caa0ba9acbaf49cd96bc4898c8c25addd1
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2f589ed9467c4787253f164173dccbcdb1aba0ed7696b866ac5156acf60f3ea
c419d2fd5741d0f9e1a829504aedc7503d0350eb078107b67a8dbaa982385ce7
c6b6208e3083ac1d4e50d2d618710edd22a280caddc4ce9bb3db1692170b5cf8
c7f2d1c10677ab9e4124a855cd2e4d21b22592be42177ba38ee11d094322554b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb15d75d6db05e652ed173154858867ab6116e06ec4b1f6a726a4cbddbe5b414
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc8461b5cfd9b6be0589695d4c177d9c35c271fc66be905d8ca4298e3bda2580
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
d52d544f0cc4b5646e0943f283586cdf0acb72ac39cbea08b666221dc6e08cc2
d5c16fb430da47c45f8aad57e4598f204514a91f79095fa14bb5ec7e14e55305
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a025dd7867dea884cf21cb6940090932f78e3a0d506971f088f97c2a5821c
e6798f5bcde77b61afb0b5d323ef9f611c3df67da2faccf4e15a954a8ead85fb
e811d2e47fbe942af0065eff70a632dd667486f045a2d4d2456e7a0c2a35b795
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f298c1c65d9cdefb0c04e1df499ce9dd41d0efeef4af0e692a5beac98e03cb5f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6cfbb6ad69cac182f20b4ab6e1956a1b4d86ba53feed87d2aa4f4b88a63a939
f6dbb92042412683149e8aa3e72e182c8aea8525a155d42cbb59c04d27d0aebe
f723ef129d292ff91a97ecc2c818f88397ffb4e4411d112db7a819bf95dc5840
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8d10c202069a55090f777516a912bbac8fef315b06598ed8b2821f4217e8580
f9452254500822cbcd3a40c9a74a850b3a338c148b37aa4f24dcee24998a99c0
fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fe08d43b9bc0803e09a18cd1fb42be4f6b458140174989a46ec72e4667f6dd19
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2
ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569

theshiftnews.com Open in urlscan Pro 2606:4700:10::6816:2ec1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

97 %HTTPS

68 %IPv6

29 Domains

40 Subdomains

30 IPs

5 Countries

5807 kBTransfer

10177 kBSize

24 Cookies

14 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theshiftnews.com Open in urlscan Pro
2606:4700:10::6816:2ec1 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

97 %
HTTPS

68 %
IPv6

29
Domains

40
Subdomains

30
IPs

5
Countries

5807 kB
Transfer

10177 kB
Size

24
Cookies

183 HTTP transactions
5 data transactions