www.directshifts.com Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clt1431339.bmetrack.com/c/l?u=E5937C6&e=14FCD45&c=15D72B&t=0&l=8B3F0060&email=xxy5nVkuz2B22eldCxGaiQ%3D%3D&seq=1
Effective URL:
https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsle...
Submission: On September 17 via api (September 17th 2022, 8:08:48 pm UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 27 domains to perform 103 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.directshifts.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.

This is the only time www.directshifts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.217.184.84 34.217.184.84	16509 (AMAZON-02) (AMAZON-02)
1	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
8	13.225.78.6 13.225.78.6	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	52.3.160.253 52.3.160.253	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:9207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.84.17 13.225.84.17	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7200:1d:7a82:2900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:a0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.36.162.71 23.36.162.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1761	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
103	32

1 34.217.184.84 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-184-84.us-west-2.compute.amazonaws.com

clt1431339.bmetrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

www.directshifts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-6.fra2.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.160.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-160-253.compute-1.amazonaws.com

web-us11.mxradon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9207 (United States)

ASN13335 (CLOUDFLARENET, US)

sibforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-17.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7200:1d:7a82:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jetboost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a0c (United States)

ASN13335 (CLOUDFLARENET, US)

assets.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.71 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-71.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1761 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	gstatic.com fonts.gstatic.com	765 KB
8	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 12907	853 KB
6	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 113	901 B
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 c.clarity.ms — Cisco Umbrella Rank: 998 f.clarity.ms — Cisco Umbrella Rank: 5205	26 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	315 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	5 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	215 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 220	13 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6352	764 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	764 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	39 KB
2	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 6296 api.livechatinc.com — Cisco Umbrella Rank: 5158	26 KB
2	sendinblue.com assets.sendinblue.com — Cisco Umbrella Rank: 74378	29 KB
2	sibforms.com sibforms.com — Cisco Umbrella Rank: 46040	148 KB
2	mxradon.com web-us11.mxradon.com — Cisco Umbrella Rank: 320626	4 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 538	356 B
1	t.co t.co — Cisco Umbrella Rank: 489	338 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 613	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	jetboost.io cdn.jetboost.io — Cisco Umbrella Rank: 45680	4 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	directshifts.com www.directshifts.com	20 KB
1	bmetrack.com 1 redirects clt1431339.bmetrack.com	634 B
103	27

	Domain	Requested by
36	fonts.gstatic.com	fonts.googleapis.com
8	uploads-ssl.webflow.com	www.directshifts.com uploads-ssl.webflow.com
6	www.facebook.com	1 redirects www.directshifts.com
5	cdnjs.cloudflare.com	www.directshifts.com
5	www.googletagmanager.com	www.directshifts.com www.googletagmanager.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google.de	www.directshifts.com
3	www.google.com	www.directshifts.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.directshifts.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	assets.sendinblue.com	www.directshifts.com
2	sibforms.com	www.directshifts.com
2	web-us11.mxradon.com	www.directshifts.com web-us11.mxradon.com
2	ajax.googleapis.com	www.directshifts.com
1	f.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.twitter.com	www.directshifts.com
1	t.co	www.directshifts.com
1	px4.ads.linkedin.com	www.directshifts.com
1	www.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	api.livechatinc.com	cdn.livechatinc.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn.livechatinc.com	www.directshifts.com
1	cdn.jetboost.io	www.directshifts.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.directshifts.com
1	www.directshifts.com
1	clt1431339.bmetrack.com	1 redirects
103	36

This site contains links to these domains. Also see Links.

Domain
bit.ly
app.directshifts.com
www.ipsos.com
finance.yahoo.com
trianglenewshub.com
www.businesswire.com
twitter.com
www.linkedin.com
www.facebook.com
www.instagram.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.directshifts.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2022-08-28` - `2023-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.mxradon.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
cdn.jetboost.io Amazon	`2022-05-20` - `2023-06-18`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
livechat.com DigiCert ECC Secure Server CA	`2022-02-25` - `2023-03-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-27` - `2022-09-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Frame ID: 4F10C195C7F0A4137585AF7255CA41C0
Requests: 102 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9640D1C01CF75D6D6F9ECA12525489B6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AF67B99B7699FA22CFEAC88175A348F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Why is Clinician Burnout on the Rise: Statistics, Causes, and Cure

Page URL History Show full URLs

http://clt1431339.bmetrack.com/c/l?u=E5937C6&e=14FCD45&c=15D72B&t=0&l=8B3F0060&email=xxy5nVkuz2B22eldCxGaiQ... HTTP 302
https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mk... Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

97 %
HTTPS

58 %
IPv6

27
Domains

36
Subdomains

32
IPs

4
Countries

2572 kB
Transfer

5117 kB
Size

30
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/DS-covid
Title: Our COVID-19 Response: Fees Waived for Clinician Staffing

Search URL Search Domain Scan URL

URL: https://app.directshifts.com/users/sign_in
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.ipsos.com/en-us/news-polls/usa-today-ipsos-healthcare-workers-covid19-poll-022222
Title: poll

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/commonspirit-health-dhge-launch-nations-143600505.html
Title: article

Search URL Search Domain Scan URL

URL: https://trianglenewshub.com/lifestyle/pandemic-exacerbated-looming-nursing-shortage-burnout/
Title: article

Search URL Search Domain Scan URL

URL: https://www.businesswire.com/news/home/20170508005305/en/Kronos-Survey-Finds-That-Nurses-Love-What-They-Do-Though-Fatigue-is-a-Pervasive-Problem
Title: pre-pandemic factors

Search URL Search Domain Scan URL

URL: https://twitter.com/directshifts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/directshifts/
Title: 

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directshifts/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/directshifts/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/directshifts/id1420001050

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.directshifts&hl=en_US&gl=US

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clt1431339.bmetrack.com/c/l?u=E5937C6&e=14FCD45&c=15D72B&t=0&l=8B3F0060&email=xxy5nVkuz2B22eldCxGaiQ%3D%3D&seq=1 HTTP 302
https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1219810%26time%3D1663445323030%26url%3Dhttps%253A%252F%252Fwww.directshifts.com%252Fpost%252Fwhy-is-clinician-burnout-on-the-rise%253Futm_source%253Dmkt-email%2526utm_medium%253Dmkt-unconfirmed-newsletter-mddo%2526utm_campaign%253Dmkt-clinician-burnout-blog-newsletter%2526utm_source%253DBenchmarkEmail%2526utm_campaign%253Dmkt-mddo-newsletter-batch7-09172022%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&liSync=true&e_ipv6=AQJ04yuxDBAQSQAAAYNNEU640QycuEUJS0obg5bkZUHikxxym63XELryCfukH-f9Cizqsq53

Request Chain 84

https://www.facebook.com/tr/?id=544517416607632&ev=PageView&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&rl=&if=false&ts=1663445323135&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1663445323134.1263441218&it=1663445323048&coo=false&tm=1&rqm=GET HTTP 302
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&ec=0&ev=PageView&fbp=fb.1.1663445323134.1263441218&id=544517416607632&if=false&it=1663445323048&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1663445323135&v=2.9.83

Request Chain 101

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&RedC=c.clarity.ms&MXFR=0D33FBAF8A26681D0286E98D8E266634 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&MUID=20F030EC6FE26C38084222CE6E306D3B

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request why-is-clinician-burnout-on-the-rise Show response
www.directshifts.com/post/
Redirect Chain

http://clt1431339.bmetrack.com/c/l?u=E5937C6&e=14FCD45&c=15D72B&t=0&l=8B3F0060&email=xxy5nVkuz2B22eldCxGaiQ%3D%3D&seq=1
https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=...

65 KB
20 KB

178ms
91ms

Document
text/html

34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 5364955e6896b4616b311e51738cc2c5fcc1f4dbd2bcb050b47cbd2a41a67582

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15750
content-encoding: gzip
content-length: 20411
content-type: text/html
date: Sat, 17 Sep 2022 20:08:42 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-lambda-id: e1e57d20-8856-4696-9a2a-903b19295c51
x-served-by: cache-iad-kiad7000118-IAD, cache-dub4333-DUB
x-timer: S1663445322.184131,VS0,VE32

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 414
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Sep 2022 20:08:41 GMT
Location: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-XSS-Protection: 0

GET
H2 200 sai-directshifts.webflow.d29e9e146.min.css
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/css/ 356 KB
61 KB 39ms
18ms Stylesheet
text/css 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/css/sai-directshifts.webflow.d29e9e146.min.css
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6981a68f214d6ee11f429b2d4a36ce8c0f0259deaace7fa15bd98e603123a8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: xd0asDio.zlDbUm.l3bqy4c6Kaq9AgEs
content-encoding: gzip
etag: "f9680750224850b1930c5e9d261f8a2c"
age: 35185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 62180
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 09:36:14 GMT
server: AmazonS3
date: Sat, 17 Sep 2022 10:22:18 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: AEFbCd57Gwlyay0EqZlh3Pky9gBoHsN2iM-4-d45ATq-w308i5Q05g==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 17:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 17:44:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 169ms
84ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113221055-3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10a69d2a03ee201fd6e63973e112e343c9121992fb984b0955dce675dd8a7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42367
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 Tracker.js Show response
web-us11.mxradon.com/t/ 13 KB
4 KB 311ms
102ms Script
application/javascript 52.3.160.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web-us11.mxradon.com/t/Tracker.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.160.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-160-253.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

0223e8486d3e57906fd46def1393dadcce0bc5aff032b751c43a942c71f0cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 01:55:54 GMT
server: Microsoft-IIS/10.0
etag: "0f1d0ca4ac6d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3514

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
767 B 35ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 251448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 450
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGkx6nDsMUbJ%2BHuGSbD3FOClsWmMtzIhbXiCtJQR5kjIYVWpT2RSzXuzKcxEXML7QAwQMeXnoX6332QregR%2FaQ1%2BReTgHkE%2BZ11hktKylKs9iHZooOYIQPZIt0bSLmccchRlIonDGlEaquvj9AibOo9A"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74c479b04f349213-FRA
expires: Thu, 07 Sep 2023 20:08:42 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
1 KB 34ms
14ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2161983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf5ea0XoLL6ptOKKBedLNuSTb%2FCSghG9Oe31cGQjlpEn8dAOae6amsjkHvdZaaBosUp9gM3X62M1mVvWSlWeTQgdv5yv%2B7UUNWFfzAZ%2FX%2Follm3QUhgW4NWEkEdye09%2B6EFbxycufCWW1bAuO2P5c88k"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74c479b04f359213-FRA
expires: Thu, 07 Sep 2023 20:08:42 GMT

GET
H2 200 magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 5 KB
2 KB 35ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1393778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-148b"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fEKks7SyAT1R04sGrsybfSIQuB6BSk89IQRm3xwv6iBpro3Y8qKQhH0uG4NUSYTT%2F5jMMiws4%2BcHf0BV5qRvrhCtt7v%2FTGRUP%2FCmM2gpKOVFuczW1TN3f8A%2BSaN%2BoG%2BszpCLo%2FNYw5%2B%2B%2FjkRzMW0Z%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74c479b04f369213-FRA
expires: Thu, 07 Sep 2023 20:08:42 GMT

GET
H2 200 sib-styles.css
sibforms.com/forms/end-form/build/ 51 KB
9 KB 39ms
18ms Stylesheet
text/css 2606:4700::6812:9207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibforms.com/forms/end-form/build/sib-styles.css
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa4ab5d0c2fb875e32c74ff91fd0f06898572c56a2c0d4c545250887d124c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2022 06:50:39 GMT
server: cloudflare
age: 1049
etag: W/"6320283f-cbaa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 74c479b04ec45c68-FRA
expires: Sun, 18 Sep 2022 00:08:42 GMT

GET
H2 200 main.js Show response
sibforms.com/forms/end-form/build/ 477 KB
139 KB 43ms
22ms Script
application/javascript 2606:4700::6812:9207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibforms.com/forms/end-form/build/main.js
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0f651c3c90096df9ef001b0473f96b28f4dac4754b41bfae901135ebc64c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2022 06:50:39 GMT
server: cloudflare
age: 951
etag: W/"6320283f-77333"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 74c479b04ec75c68-FRA
expires: Sun, 18 Sep 2022 00:08:42 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 30ms
9ms Script
application/javascript 13.225.84.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5abebcf1b3e0cb4bb9718bba
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.directshifts.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 11:16:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 31931
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qOQ0Gyeu24FK3PPOWXHCJit61zjcz3A4dAZ6m6-CMSLn4eTA-9ajpQ==

GET
H2 200 webflow.8e9146776.js Show response
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/js/ 282 KB
71 KB 29ms
9ms Script
text/javascript 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/js/webflow.8e9146776.js
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb1cd5496aedd8302244fe87682d008afde12777e7c131e631348b32492bdd46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 03:03:32 GMT
content-encoding: gzip
age: 61511
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 72186
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 12:19:01 GMT
server: AmazonS3
etag: "f752cdc0cc93cb0b9e80681452e374e9"
x-amz-version-id: JQNFmIDo1xoltbKXNg5JC8QzQ87sL1Jn
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: OGJbtRmaDqryc6is6d6eL0lTvk42BqePv25a16_lYu-XaCAKPdb_3A==

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
10 KB 75ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 253593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyyzAQvysW4ve84kR2LkYHJhm9khQ9vJqOqcR2zWyvGk%2BvRJjIjpHyAIRauUZ8fyO3sr4EV1%2FaEVTWJvFQPHsAw%2B2uhMV5taaG95sgKz2cRG9HWFKjdeXlkfnAK9Kt4XB38sXDiDX0Vjuo02MGqxgONr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74c479b0580591de-FRA
expires: Thu, 07 Sep 2023 20:08:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
62 KB 164ms
128ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-355023507

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

598ca31f709694c757f520a364356226d95616b174e546e13d6b54f2ad0ce2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63167
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 19:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 19:55:50 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 35ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 787907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6546
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfE3TtvXdfxpRHc7bnYVmWec8CwW%2BdZS6H8%2FQ9qTr%2FXsDMaoSGrdhQh9qW8Ek6%2B2VeRVYyGnf1Ny14EBZGCGy5Bu4CIu5wlT3z8%2BhEdHGM%2BVmIH6%2FiNVwKLM9OSHOOtP2kFu3rqV2FoCp8yRRcDu4r%2BR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74c479b04f389213-FRA
expires: Thu, 07 Sep 2023 20:08:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 97 KB
3 KB 138ms
55ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:300,regular,italic,700,800%7CNunito+Sans:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc43d61017e30f133e5b52faaa3935429fb266b3ef9c490c4e84ad2c7bc7714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 20:08:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 17 Sep 2022 20:08:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 21 KB
21 KB 199ms
115ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:300,regular,italic,700,800%7CNunito+Sans:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:35 GMT
x-content-type-options: nosniff
age: 356167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21508
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:35 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v23/ 17 KB
17 KB 177ms
93ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:35 GMT
x-content-type-options: nosniff
age: 356167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:35 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 124ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 356183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:19 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 17 KB
17 KB 190ms
107ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:23 GMT
x-content-type-options: nosniff
age: 356179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 150ms
69ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 356433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:08:09 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 229ms
148ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:09:03 GMT
x-content-type-options: nosniff
age: 356379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:09:03 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 297ms
217ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 356433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:08:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 299ms
218ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 356183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:19 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 285ms
205ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 356183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:19 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 295ms
215ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:12:43 GMT
x-content-type-options: nosniff
age: 356159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:12:43 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 293ms
213ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:46:43 GMT
x-content-type-options: nosniff
age: 354119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:46:43 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 274ms
194ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 04:47:20 GMT
x-content-type-options: nosniff
age: 314482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 04:47:20 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 287ms
208ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:18:56 GMT
x-content-type-options: nosniff
age: 355786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:18:56 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 277ms
198ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:40:23 GMT
x-content-type-options: nosniff
age: 354499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19720
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:40:23 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 291ms
212ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:07:15 GMT
x-content-type-options: nosniff
age: 356487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:07:15 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 213ms
134ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:07:16 GMT
x-content-type-options: nosniff
age: 356486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:07:16 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 204ms
125ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:07:20 GMT
x-content-type-options: nosniff
age: 356482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:07:20 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 262ms
183ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:40:08 GMT
x-content-type-options: nosniff
age: 354514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:40:08 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 253ms
175ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:45:02 GMT
x-content-type-options: nosniff
age: 354220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:45:02 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 278ms
200ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:48 GMT
x-content-type-options: nosniff
age: 300174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:45:48 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 254ms
176ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 436688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 302ms
224ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 20:08:42 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 269ms
191ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:13 GMT
x-content-type-options: nosniff
age: 456089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16920
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:27:13 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 265ms
187ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:06 GMT
x-content-type-options: nosniff
age: 300216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:45:06 GMT

GET
H2 200 pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 299ms
221ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:21:13 GMT
x-content-type-options: nosniff
age: 431249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 20:21:13 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 281ms
204ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:04:57 GMT
x-content-type-options: nosniff
age: 450225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 15:04:57 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 267ms
189ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:45:12 GMT
x-content-type-options: nosniff
age: 444210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:45:12 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9yAs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 16 KB
16 KB 240ms
163ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9yAs5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e3d607a079b511915ce726f53507c5c202957996e06f5eec98c9fa8837aa15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:05 GMT
x-content-type-options: nosniff
age: 300157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16340
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:46:05 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4GxZrY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 243ms
165ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4GxZrY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f987f8cafd115868430395f46cacd158566c4d632a7e52c19d45dc445dae108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:49:49 GMT
x-content-type-options: nosniff
age: 299933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:35:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:49:49 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 279ms
202ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:48:33 GMT
x-content-type-options: nosniff
age: 300009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17676
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:48:33 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 259ms
182ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:47:36 GMT
x-content-type-options: nosniff
age: 300066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:47:36 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 18 KB
18 KB 245ms
169ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:41:41 GMT
x-content-type-options: nosniff
age: 455221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17956
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:41:41 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G2JvY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 220ms
144ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G2JvY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b73529b4e8246ea3f18a62d5166c59e9912d10b4ed05cf4880adb3688a26408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:08:22 GMT
x-content-type-options: nosniff
age: 435620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17688
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:08:22 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G35sY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
18 KB 235ms
158ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G35sY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7607082657651f045fb47c40bed1ad57ba47f187ca00d119310ab62a1a31f532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:41:19 GMT
x-content-type-options: nosniff
age: 455243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17840
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:41:19 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 233ms
156ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:27:24 GMT
x-content-type-options: nosniff
age: 466878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17364
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 10:27:24 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G1ptY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 18 KB
18 KB 297ms
220ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G1ptY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f612c495faf4ac2b557d84a45f925a1259a2c242e8222b7e7fabbcbb6d9dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:21:11 GMT
x-content-type-options: nosniff
age: 460051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17972
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 12:21:11 GMT

GET
H2 200 WebTracker.aspx Show response
web-us11.mxradon.com/t/ 579 B
775 B 136ms
135ms Script
text/html 52.3.160.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web-us11.mxradon.com/t/WebTracker.aspx?p1=63333&p2=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&p3=-1&p4=&p5=1&p6=&p7=&p8=&p9=0&p10=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail

Requested by

Host: web-us11.mxradon.com
URL: https://web-us11.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.160.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-160-253.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

57749d8d128a96ef626cf7de27a482c692522e938024d5ce236fea4acfff146e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private,private,max-age=0
strict-transport-security: max-age=31536000
content-length: 390

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
76 KB 81ms
46ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3cd4b8050a87d29b34c2deae3abaaf596b710457a05b5f5b5358fbe4c59808a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77291
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 jetboost.js Show response
cdn.jetboost.io/ 10 KB
4 KB 30ms
10ms Script
application/javascript 2600:9000:21f3:7200:1d:7a82:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jetboost.io/jetboost.js
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7200:1d:7a82:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a0b454039e9ac7799e9cf0ca720107df3a8e00f33ec4a0550baee32f945ca80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 06:00:06 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 17:35:03 GMT
server: AmazonS3
age: 52794
etag: W/"5a165b8a115f23710bf09583e2aee57a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QOa3tPXpwYVKhdr2UNDWaTml817NOqE9NhWhGncDJH2c52lfeTvpmw==

GET
H2 200 630cdde32ef3f0eb715249ea_Blog%20feature%20image%20template-%20burnout.png
uploads-ssl.webflow.com/5b89e7a9012ec36484c5bc80/ 618 KB
619 KB 14ms
13ms Image
image/png 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5b89e7a9012ec36484c5bc80/630cdde32ef3f0eb715249ea_Blog%20feature%20image%20template-%20burnout.png
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97592298a224bd7651db476b9687970bd7661915bd33b36c85e31d2f3a6978b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:07:30 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age: 73
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 632718
last-modified: Mon, 29 Aug 2022 15:40:21 GMT
server: AmazonS3
etag: "664ba5f04e6e0690a84178c4b43f7e76"
x-amz-version-id: qa.fm.Fu0_GtH9QnAb5lmQinPh1OBd3P
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 9oFGMxP_f7u_F5ddG_U_RgveHYKoOh58jsCRr6dgnq0TH-EOB2xXFQ==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 5c9d72e1b44d1480a5b2a8e0_fa-brands-400.ttf
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/ 127 KB
86 KB 30ms
13ms Font
application/x-font-ttf 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/5c9d72e1b44d1480a5b2a8e0_fa-brands-400.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/css/sai-directshifts.webflow.d29e9e146.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70726f98e0d98f543d5fde05a3a74bb131c5c67f5fbffcf4d41b7f68bca2b56b

Request headers

Referer: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/css/sai-directshifts.webflow.d29e9e146.min.css
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 08:23:12 GMT
content-encoding: br
vary: Accept-Encoding
age: 2893531
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Mar 2019 01:38:15 GMT
server: AmazonS3
etag: W/"98b6db59be947f563350d2284fc9ea36"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: aclI4VWkVPg7AQSUbH8rx8cYZMN1qUfj
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: application/x-font-ttf
x-amz-cf-id: 9p0r9As11C3zzeKysAIDyegPJ92NQ3s7sVPj-JrpGSP3Z8ug74WjLA==

GET
H2 200 7529907e9eaf8ebb5220c5f9850e3811.woff2
assets.sendinblue.com/font/Roboto/Latin/normal/normal/ 14 KB
15 KB 90ms
50ms Font
font/woff2 2606:4700::6811:a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sendinblue.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55

Request headers

Referer: https://www.directshifts.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
cf-cache-status: HIT
age: 74
cf-ray: 74c479b2e9149b67-FRA
content-length: 14752
x-amz-id-2: KbSVGl/GVbLjp5EXw7d7udgxQ/Si032G5cT8+2AXroU94XdLNSMbzoslQMjs8nZth20Epv3KX6I=
last-modified: Thu, 09 Dec 2021 10:14:59 GMT
server: cloudflare
etag: "7529907e9eaf8ebb5220c5f9850e3811"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 67E7H6QZY8BVNSMX
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 14 Sep 2032 20:08:42 GMT

GET
H2 200 3ef7cf158f310cf752d5ad08cd0e7e60.woff2
assets.sendinblue.com/font/Roboto/Latin/bold/normal/ 14 KB
15 KB 64ms
46ms Font
font/woff2 2606:4700::6811:a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sendinblue.com/font/Roboto/Latin/bold/normal/3ef7cf158f310cf752d5ad08cd0e7e60.woff2
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bcd8e98ed1ed963767e9cd500a484a80cee1a99caf7038ff0a8d931ab5d003b

Request headers

Referer: https://www.directshifts.com/
Origin: https://www.directshifts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
cf-cache-status: HIT
age: 74
cf-ray: 74c479b2e9179b67-FRA
content-length: 14752
x-amz-id-2: TtCMtqJQINXIlxfzPR87oWPfLPwf072bh4exn4g2wRGGkdz1pzEDw0tO1Y2J7GZ7xo2GWdgHXWA=
last-modified: Thu, 09 Dec 2021 10:15:00 GMT
server: cloudflare
etag: "3ef7cf158f310cf752d5ad08cd0e7e60"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 67E0MHGYHRJM8RT9
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 14 Sep 2032 20:08:42 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 84 KB
25 KB 31ms
7ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 07761a402094f165326b64af5f7e36b27ea63e341f4be4aca247b007a36fdb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: _xG88gXidICys4xDpATfRKLYWxJ0cOXw
content-encoding: br
last-modified: Thu, 08 Sep 2022 10:40:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"007b32487b3fb040f15d1ea195bd2acb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Sat, 17 Sep 2022 20:08:42 GMT
content-length: 25562
x-amz-cf-id: ZmnLF0yflxQJV_CzhQ6zescnut9liV4RgkJg6L2w-v-RZBo7MCG7PA==
expires: Sun, 18 Sep 2022 04:08:42 GMT

GET
H2 200 5b8ab636012ec313fbc6268f_DS%20Logo%20Final.svg
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/ 10 KB
4 KB 18ms
9ms Image
image/svg+xml 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/5b8ab636012ec313fbc6268f_DS%20Logo%20Final.svg
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b905294a785144d560b86a18d0f68464f266be55b5fe51ea03a3d66170efa5e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 04:16:31 GMT
content-encoding: br
last-modified: Sat, 01 Sep 2018 21:06:32 GMT
server: AmazonS3
age: 2217132
etag: W/"d1b01fa37b7c9f58ff25305560efda92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: UKsBIgI_t65ThgxxiLldBToh7Pesz3Q9
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-id: q8du5_nJqoXXrviWcSzyWPc2i8ipWL0y_ADep-SjFhJ2HGJ4VAoETg==

GET
H2 200 62e3748218ee996c45fd964c_cross-svgrepo-com.svg
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/ 1 KB
1 KB 18ms
10ms Image
image/svg+xml 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/62e3748218ee996c45fd964c_cross-svgrepo-com.svg
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 088bfd38b9aa7429c4b7fc89052b3ee9d835a3bc422716ce97ecf006e2ee57b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 06:27:35 GMT
content-encoding: gzip
age: 1258868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 05:47:49 GMT
server: AmazonS3
etag: W/"681cfe49be3ba42f7f795778c0b5ea4a"
vary: Accept-Encoding
x-amz-version-id: roFQZhyEesDQ44LRoZBc09kIdfdOsFom
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: VMpXIQrHXSQuxf-tGS_4Bnhx7zxYpQD0W5Xy8tXk4Be_ID_CdXNSmA==

GET
H2 200 62ebcbb9a2b05a280e438f48_g-.png
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/ 7 KB
7 KB 12ms
10ms Image
image/png 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/62ebcbb9a2b05a280e438f48_g-.png
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4007c738ee13843828da5c2d9627c621b80f03ca080e701b33e5d3203ce066c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 07:07:11 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age: 824492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6980
last-modified: Thu, 04 Aug 2022 13:38:04 GMT
server: AmazonS3
etag: "487f858aab03adb86f4ede984a579675"
x-amz-version-id: bPPiJdWr2.SJqJTKSqHeD72.cCOo9unc
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: NgDA-Ky37ZMonR64TjuVs4T-SEOWqZQkwCyI_SnQtJq1zPfifa-wDw==

GET
H2 200 62e10a5b5da41e77eb18df78_app_store_badge.png
uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/ 3 KB
3 KB 13ms
11ms Image
image/png 13.225.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5abebcf1b3e0cb4bb9718bba/62e10a5b5da41e77eb18df78_app_store_badge.png
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f19fdf2c12e5582cd9b0da24fe6394722cd9f60bfcba1ccdfd21de68632f786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:01:07 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age: 1318056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2832
last-modified: Wed, 27 Jul 2022 09:50:20 GMT
server: AmazonS3
etag: "b672f871bfbcfa9b4f0fe7d4850c07f3"
x-amz-version-id: RxamjGsV9mYmhzkEkos2YXpi26oZZkOA
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: ksz_jWAy7sDpwLirfT5_YOOF8C1RjVAeBRB-2AbLHR2Rtv90Vhga6A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113221055-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3165
date: Sat, 17 Sep 2022 19:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 17 Sep 2022 21:15:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
62 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-355023507&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113221055-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6896f9b773767244f30908e4c1aa1c9f9db8c22b23e502301784aba08e638fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63164
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 34ms
11ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32030
accept-ranges: bytes
content-length: 3063

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 54ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 002F351A912B44F8B606606859FEFA87 Ref B: FRAEDGE1215 Ref C: 2022-09-17T20:08:42Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sat, 17 Sep 2022 20:08:42 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 66ms
37ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kcgs7200036-IAD, cache-muc13955-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: RZK6oWrVVGvRTjDb3cnPIW1VSvA1xiMYiX70k80Rqmal7CdngN7JOzh2pxSdIAJlTw/k0NQ0ZbHL/OyggprYlw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 17 Sep 2022 20:08:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H8HEWMX2WT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZZXG8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03e8123014d2bf85680154d60a594c877c761c03ba1b30375c85e1e6a54b4837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75308
x-xss-protection: 0
expires: Sat, 17 Sep 2022 20:08:42 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 79 B
199 B 523ms
506ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9643630&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&channel_type=code&jsonp=__suimojydzv
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d610260eb5213acfda12f039262d0be3521d8a484e815cfc6f50ad8d155c286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

legacy: 2023-06-30
date: Sat, 17 Sep 2022 20:08:43 GMT
content-length: 79
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 160ms
93ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-355023507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Sep 2022 20:08:43 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_med...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1219810%26time%3D1663445323030%26url%3Dhttps%253A%252F%252Fwww.directshifts.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_med...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_me...

0
263 B

243ms
158ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&liSync=true&e_ipv6=AQJ04yuxDBAQSQAAAYNNEU640QycuEUJS0obg5bkZUHikxxym63XELryCfukH-f9Cizqsq53
Requested by: Host: www.directshifts.com
URL: https://www.directshifts.com/post/why-is-clinician-burnout-on-the-rise?utm_source=mkt-email&utm_medium=mkt-unconfirmed-newsletter-mddo&utm_campaign=mkt-clinician-burnout-blog-newsletter&utm_source=BenchmarkEmail&utm_campaign=mkt-mddo-newsletter-batch7-09172022&utm_medium=email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8A9362D8C6AC412DA9053028C604F561 Ref B: FRAEDGE1412 Ref C: 2022-09-17T20:08:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXo5QufA4jVhMupMUx99g==
x-li-fabric: prod-ltx1

Redirect headers

date: Sat, 17 Sep 2022 20:08:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 01B29AD501DB4C2AADAD04973BDB9CE8 Ref B: FRAEDGE1217 Ref C: 2022-09-17T20:08:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1219810&time=1663445323030&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&liSync=true&e_ipv6=AQJ04yuxDBAQSQAAAYNNEU640QycuEUJS0obg5bkZUHikxxym63XELryCfukH-f9Cizqsq53
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXo5QubWacSIO4TGgQVIQ==

GET
H2 200 adsct
t.co/i/ 43 B
338 B 129ms
110ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=205850c1-3390-4006-8b3b-bce76c9645e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c225163-f78f-47a3-999e-76e8a8b67266&tw_document_href=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o39cm&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 104
date: Sat, 17 Sep 2022 20:08:42 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 63115a98d9b9d81bca2f76928fd7b0f0741e2bfa6f75c8fbe5642000899e377b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
356 B 130ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=205850c1-3390-4006-8b3b-bce76c9645e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c225163-f78f-47a3-999e-76e8a8b67266&tw_document_href=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o39cm&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 105
date: Sat, 17 Sep 2022 20:08:42 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fbce9ebd8c9934d6595b83f70d56036c52f0408c43589fe0f490814d43307544
content-length: 43

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: HSDPoF2CemqypvI4UH31luhTncTiyHvJrrVOjE85N2eaDt/NSYv69quCugCuORPApjrIWi7jSveT+T2CdE500g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 17 Sep 2022 20:08:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 544517416607632 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 23ms
14ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/544517416607632?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15760c570db5b96430d1047d1f703047a5b24d5d272d22061637bfd1cf0830ba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85906
x-xss-protection: 0
pragma: public
x-fb-debug: IpzioOTt4GPWcb259nP/qx1JukOOVQhWsfwPQK1PN7CzYNjLzFM1DCsA3rlE94V0BmYaA8ioT79dcFuLZ5xSzQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 17 Sep 2022 20:08:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 25061442.js Show response
bat.bing.com/p/action/ 1 KB
842 B 135ms
134ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25061442.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b398fb42fd18cb6068c326cf8512a1757050cea3a5aefb43b8111926f37b0664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22F0E917DE994C4198EC2BD316EF93F0 Ref B: FRAEDGE1215 Ref C: 2022-09-17T20:08:43Z
date: Sat, 17 Sep 2022 20:08:42 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25061442&tm=gtm002&Ver=2&mid=05a0a6c8-db3b-4237-b95d-578e02aabf8d&sid=87583f4036c411ed9d827dedb6cae180&vid=8758990036c411ed86fbd9f99561dec0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics,%20Causes,%20and%20Cure&p=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&r=&lt=1191&evt=pageLoad&sv=1&rn=933384

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A91E06F825314B4883942C7FB57FC82D Ref B: FRAEDGE1215 Ref C: 2022-09-17T20:08:43Z
date: Sat, 17 Sep 2022 20:08:42 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 113ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H8HEWMX2WT&gtm=2oe9e0&_p=251866704&cid=1294269769.1663445323&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663445323&sct=1&seg=0&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&dt=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8HEWMX2WT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.directshifts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 138ms
43ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=251866704&t=pageview&_s=1&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2008552330&gjid=1940845683&cid=1294269769.1663445323&tid=UA-113221055-3&_gid=866155072.1663445323&_r=1&gtm=2ou9e0&z=426915073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.directshifts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.directshifts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 284419142155108 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/284419142155108?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

820084bc8646a795a753675c2f01d9c961e11bd4225d7ce641d4119d09e9882b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85895
x-xss-protection: 0
pragma: public
x-fb-debug: muv5Od3z5I3tKICRNFRktPIKSYXErJkqDjRbsZngCwCUFbEnNwZmlHrvmUfoyYSZunm2cSLmiPb3zG8KfJ8+JQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 17 Sep 2022 20:08:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=544517416607632&ev=PageView&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirm...
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-uncon...

44 B
88 B

37ms
26ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&ec=0&ev=PageView&fbp=fb.1.1663445323134.1263441218&id=544517416607632&if=false&it=1663445323048&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1663445323135&v=2.9.83

Requested by

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sat, 17 Sep 2022 20:08:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&ec=0&ev=PageView&fbp=fb.1.1663445323134.1263441218&id=544517416607632&if=false&it=1663445323048&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1663445323135&v=2.9.83
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 38ms
27ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=544517416607632&ev=PageView&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&rl=&if=false&ts=1663445323164&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1663445323134.1263441218&it=1663445323048&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sat, 17 Sep 2022 20:08:43 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 25ms
14ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=284419142155108&ev=PageView&dl=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&rl=&if=false&ts=1663445323165&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663445323134.1263441218&it=1663445323048&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sat, 17 Sep 2022 20:08:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/ 3 KB
2 KB 487ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/?random=1663445323189&cv=9&fst=1663445323189&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&auid=2019795109.1663445323&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6769bcd47d1d3c5b28fa383cdb482a2d9e563cf673bb652efd621072901f5385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 25061442 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 515ms
111ms Script
application/x-javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/25061442
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/25061442.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: a9035bc864a9bdcc338395c23c94ed435d392b25a37345f7d30976e078bf8e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
x-powered-by: ASP.NET
x-azure-ref: 0SykmYwAAAAD7B6TLrELnRKyfGvn/KHZRR1ZBMzBFREdFMDIxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 370ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113221055-3&cid=1294269769.1663445323&jid=2008552330&gjid=1940845683&_gid=866155072.1663445323&_u=YADAAUAAAAAAAC~&z=1515112124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.directshifts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Sep 2022 20:08:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.directshifts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/ 3 KB
1 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/?random=1663445323664&cv=9&fst=1663445323664&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&auid=2019795109.1663445323&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e33458510d2b93c61f3de22dc30aa902415bda1e504a6116d108870a93b4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9640 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.directshifts.com
Referer: https://www.directshifts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.directshifts.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 20:08:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/ 3 KB
1 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/355023507/?random=1663445323678&cv=9&fst=1663445323678&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&auid=2019795109.1663445323&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9618dfba2c17662fffde217d5e4b714bd0184a0c0f2f0b3c1e12d763bdb99ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1203
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AF67 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.directshifts.com
Referer: https://www.directshifts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.directshifts.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 20:08:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
www.google.com/pagead/1p-user-list/355023507/ 42 B
108 B 131ms
50ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/355023507/?random=1663445323189&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1971142194&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/355023507/ 42 B
108 B 132ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/355023507/?random=1663445323189&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1971142194&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.40/ 54 KB
23 KB 113ms
112ms Script
application/javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/25061442
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 20:08:43 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0SykmYwAAAAARjkdNdUjpRKu7Kj6Sh9XoR1ZBMzBFREdFMDIxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23442
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 /
www.google.com/pagead/1p-user-list/355023507/ 42 B
548 B 74ms
49ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/355023507/?random=1663445323664&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1491996717&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/355023507/ 42 B
548 B 76ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/355023507/?random=1663445323664&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1491996717&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/355023507/ 42 B
108 B 67ms
54ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/355023507/?random=1663445323678&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1832773875&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/355023507/ 42 B
108 B 65ms
52ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/355023507/?random=1663445323678&cv=9&fst=1663444800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.directshifts.com%2Fpost%2Fwhy-is-clinician-burnout-on-the-rise%3Futm_source%3Dmkt-email%26utm_medium%3Dmkt-unconfirmed-newsletter-mddo%26utm_campaign%3Dmkt-clinician-burnout-blog-newsletter%26utm_source%3DBenchmarkEmail%26utm_campaign%3Dmkt-mddo-newsletter-batch7-09172022%26utm_medium%3Demail&tiba=Why%20is%20Clinician%20Burnout%20on%20the%20Rise%3A%20Statistics%2C%20Causes%2C%20and%20Cure&async=1&fmt=3&is_vtc=1&random=1832773875&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&RedC=c.clarity.ms&MXFR=0D33FBAF8A26681D0286E98D8E266634
https://c.clarity.ms/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&MUID=20F030EC6FE26C38084222CE6E306D3B

42 B
368 B

28ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&MUID=20F030EC6FE26C38084222CE6E306D3B
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.directshifts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 20:08:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0D427BF8CF52467DB294F87BB208B352 Ref B: FRAEDGE1215 Ref C: 2022-09-17T20:08:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=06A19BDC81D24ADBBF12C5CD1A56E0B7&MUID=20F030EC6FE26C38084222CE6E306D3B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
f.clarity.ms/ 0
179 B 370ms
184ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.directshifts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.directshifts.com
date: Sat, 17 Sep 2022 20:08:44 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.directshifts.com/post	1969-12-31 23:59:59	Name: MXCookie Value: MXCookie
.bmetrack.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: neqjokllmtdjazaacbxkcvnu
.directshifts.com/	1970-01-20 15:40:05	Name: ORG63333 Value: bf5bcb8c-785a-46d0-8e19-4b1108a3848c
.directshifts.com/	1970-01-20 08:13:41	Name: _gcl_au Value: 1.1.2019795109.1663445323
.bing.com/	1970-01-20 15:25:41	Name: MUID Value: 20F030EC6FE26C38084222CE6E306D3B
.directshifts.com/	1970-01-20 06:05:31	Name: _uetsid Value: 87583f4036c411ed9d827dedb6cae180
.directshifts.com/	1970-01-20 15:25:41	Name: _uetvid Value: 8758990036c411ed86fbd9f99561dec0
.directshifts.com/	1970-01-20 15:40:05	Name: _ga_H8HEWMX2WT Value: GS1.1.1663445323.1.0.1663445323.0.0.0
.directshifts.com/	1970-01-20 15:40:05	Name: _ga Value: GA1.2.1294269769.1663445323
.directshifts.com/	1970-01-20 06:05:31	Name: _gid Value: GA1.2.866155072.1663445323
.directshifts.com/	1970-01-20 06:04:05	Name: _gat_gtag_UA_113221055_3 Value: 1
.directshifts.com/	1970-01-20 08:13:41	Name: _fbp Value: fb.1.1663445323134.1263441218
.t.co/	1970-01-20 15:40:05	Name: muc_ads Value: 69f58a1d-2582-4b35-95c0-bdd064386e26
.twitter.com/	1970-01-20 15:40:05	Name: personalization_id Value: "v1_i7+fJsWNOweyma8VK+NMVA=="
.linkedin.com/	1970-01-20 06:47:17	Name: UserMatchHistory Value: AQIzrnbCphtqvwAAAYNNEU2A4s7A1pOQuhmqOeW9dVND7UzD0vX5RDSqOGGb8amFSEhZ3rfNks-4MA
.linkedin.com/	1970-01-20 06:47:17	Name: AnalyticsSyncHistory Value: AQKb4EYfbRlmUwAAAYNNEU2AZgPuUvSZsMYN_eFlWp8EvwBCeQvrzZ-3gpoiz6sAda3VZ0uNEyVC3WHHN27IbA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:49:41	Name: bcookie Value: "v=2&c50814a5-28fd-4053-8434-490d590c831d"
.linkedin.com/	1970-01-20 06:05:31	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2804:u=1:x=1:i=1663445323:t=1663531723:v=2:sig=AQFRguR71JxEYpe4mgSugN7iQ5YcgaOv"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:49:41	Name: bscookie Value: "v=1&20220917200843c61b1002-5d97-4d1b-8d8b-b226f0d8947fAQFODGhuCy4p9aV2C0j0S-waQAgjVRwQ"
.linkedin.com/	1970-01-20 10:23:17	Name: li_gc Value: MTswOzE2NjM0NDUzMjM7MjswMjHr8fzHsBq06srmoo2jV3UBIGMXHfFr28U5te27i74vlw==
.doubleclick.net/	1970-01-20 06:04:06	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 14:49:41	Name: CLID Value: 6fa8cdffd78a4f91bd21a82b6e1bf154.20220917.20230917
.directshifts.com/	1970-01-20 14:49:41	Name: _clck Value: 1v0x3uj\|1\|f4y\|0
.c.bing.com/	1970-01-20 15:25:41	Name: SRM_B Value: 20F030EC6FE26C38084222CE6E306D3B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:25:41	Name: MUID Value: 20F030EC6FE26C38084222CE6E306D3B
.c.clarity.ms/	1970-01-20 06:04:05	Name: ANONCHK Value: 0
.directshifts.com/	1970-01-20 06:05:31	Name: _clsk Value: xiz7ir\|1663445324319\|1\|1\|f.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.livechatinc.com
assets.sendinblue.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jetboost.io
cdn.livechatinc.com
cdnjs.cloudflare.com
clt1431339.bmetrack.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sibforms.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
uploads-ssl.webflow.com
web-us11.mxradon.com
www.clarity.ms
www.directshifts.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.244.42.197
104.244.42.67
13.107.42.14
13.225.78.6
13.225.84.17
142.250.185.226
199.232.188.157
20.234.93.27
20.84.22.197
2001:4860:4802:34::36
23.36.162.25
23.36.162.71
2600:9000:21f3:7200:1d:7a82:2900:93a1
2606:4700::6811:190e
2606:4700::6811:a0c
2606:4700::6812:9207
2620:1ec:21::14
2620:1ec:27::cafe:1761
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c06::9c
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.217.184.84
34.253.101.190
52.3.160.253
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e
0223e8486d3e57906fd46def1393dadcce0bc5aff032b751c43a942c71f0cd7c
03e8123014d2bf85680154d60a594c877c761c03ba1b30375c85e1e6a54b4837
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
07761a402094f165326b64af5f7e36b27ea63e341f4be4aca247b007a36fdb2f
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
088bfd38b9aa7429c4b7fc89052b3ee9d835a3bc422716ce97ecf006e2ee57b3
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
10a69d2a03ee201fd6e63973e112e343c9121992fb984b0955dce675dd8a7a87
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e3d607a079b511915ce726f53507c5c202957996e06f5eec98c9fa8837aa15
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
15760c570db5b96430d1047d1f703047a5b24d5d272d22061637bfd1cf0830ba
1c0f651c3c90096df9ef001b0473f96b28f4dac4754b41bfae901135ebc64c50
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2f19fdf2c12e5582cd9b0da24fe6394722cd9f60bfcba1ccdfd21de68632f786
2f987f8cafd115868430395f46cacd158566c4d632a7e52c19d45dc445dae108
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
37e33458510d2b93c61f3de22dc30aa902415bda1e504a6116d108870a93b4b3
3a0b454039e9ac7799e9cf0ca720107df3a8e00f33ec4a0550baee32f945ca80
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
5364955e6896b4616b311e51738cc2c5fcc1f4dbd2bcb050b47cbd2a41a67582
57749d8d128a96ef626cf7de27a482c692522e938024d5ce236fea4acfff146e
598ca31f709694c757f520a364356226d95616b174e546e13d6b54f2ad0ce2f2
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
64f612c495faf4ac2b557d84a45f925a1259a2c242e8222b7e7fabbcbb6d9dcf
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6769bcd47d1d3c5b28fa383cdb482a2d9e563cf673bb652efd621072901f5385
6896f9b773767244f30908e4c1aa1c9f9db8c22b23e502301784aba08e638fc1
6981a68f214d6ee11f429b2d4a36ce8c0f0259deaace7fa15bd98e603123a8e7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
70726f98e0d98f543d5fde05a3a74bb131c5c67f5fbffcf4d41b7f68bca2b56b
726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
7607082657651f045fb47c40bed1ad57ba47f187ca00d119310ab62a1a31f532
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
820084bc8646a795a753675c2f01d9c961e11bd4225d7ce641d4119d09e9882b
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bcd8e98ed1ed963767e9cd500a484a80cee1a99caf7038ff0a8d931ab5d003b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97592298a224bd7651db476b9687970bd7661915bd33b36c85e31d2f3a6978b3
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b73529b4e8246ea3f18a62d5166c59e9912d10b4ed05cf4880adb3688a26408
9d610260eb5213acfda12f039262d0be3521d8a484e815cfc6f50ad8d155c286
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a9035bc864a9bdcc338395c23c94ed435d392b25a37345f7d30976e078bf8e9d
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
b398fb42fd18cb6068c326cf8512a1757050cea3a5aefb43b8111926f37b0664
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b905294a785144d560b86a18d0f68464f266be55b5fe51ea03a3d66170efa5e2
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bc43d61017e30f133e5b52faaa3935429fb266b3ef9c490c4e84ad2c7bc7714e
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cb1cd5496aedd8302244fe87682d008afde12777e7c131e631348b32492bdd46
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55
e9618dfba2c17662fffde217d5e4b714bd0184a0c0f2f0b3c1e12d763bdb99ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cd4b8050a87d29b34c2deae3abaaf596b710457a05b5f5b5358fbe4c59808a
f4007c738ee13843828da5c2d9627c621b80f03ca080e701b33e5d3203ce066c
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faa4ab5d0c2fb875e32c74ff91fd0f06898572c56a2c0d4c545250887d124c98

www.directshifts.com Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

97 %HTTPS

58 %IPv6

27 Domains

36 Subdomains

32 IPs

4 Countries

2572 kBTransfer

5117 kBSize

30 Cookies

12 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.directshifts.com Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

97 %
HTTPS

58 %
IPv6

27
Domains

36
Subdomains

32
IPs

4
Countries

2572 kB
Transfer

5117 kB
Size

30
Cookies

103 HTTP transactions
1 data transactions