stateofchange-clinic.com Open in urlscan Pro
199.189.224.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stateofchange-clinic.com/
Effective URL:
https://stateofchange-clinic.com/
Submission: On August 07 via manual (August 7th 2024, 12:14:08 pm UTC) from NL — Scanned from US

Summary HTTP 75 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 10 domains to perform 75 HTTP transactions. The main IP is 199.189.224.197, located in United States and belongs to LIQUIDWEB, US. The main domain is stateofchange-clinic.com.
TLS certificate: Issued by R11 on August 2nd 2024. Valid for: 3 months.

This is the only time stateofchange-clinic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	199.189.224.197 199.189.224.197	32244 (LIQUIDWEB) (LIQUIDWEB)
3	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::5f	15169 (GOOGLE) (GOOGLE)
11	2600:9000:251... 2600:9000:2514:f200:2:6f7a:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:261... 2600:9000:261f:ac00:1d:ebc3:8280:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:1c68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:400d:c0e::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::67	15169 (GOOGLE) (GOOGLE)
75	11

31 199.189.224.197 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: cloudhost-6164519.us-midwest-2.nxcli.net

stateofchange-clinic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2514:f200:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

mlxmgiysxn0c.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:261f:ac00:1d:ebc3:8280:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.doctify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1c68 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:400d:c0e::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	stateofchange-clinic.com stateofchange-clinic.com	910 KB
11	optimole.com mlxmgiysxn0c.i.optimole.com	104 KB
9	gstatic.com fonts.gstatic.com	118 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 29641	118 KB
5	doctify.com www.doctify.com — Cisco Umbrella Rank: 694134	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	336 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	128 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
75	10

	Domain	Requested by
31	stateofchange-clinic.com	stateofchange-clinic.com
11	mlxmgiysxn0c.i.optimole.com	stateofchange-clinic.com
9	fonts.gstatic.com	fonts.googleapis.com
6	client.crisp.chat	stateofchange-clinic.com client.crisp.chat
5	www.doctify.com	stateofchange-clinic.com www.doctify.com
3	www.googletagmanager.com	stateofchange-clinic.com www.googletagmanager.com
2	www.google.com	stateofchange-clinic.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	stateofchange-clinic.com
75	10

This site contains links to these domains. Also see Links.

Domain
ecosoberhouse.com
www.stateofchange.co.uk
stateofchange-clinic.uk2.cliniko.com
www.xcritical.com
www.instagram.com
www.linkedin.com
www.doctify.com
www.osteopathy.org.uk

Subject Issuer	Validity	Valid
8399571df6.nxcli.io R11	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.i.optimole.com Amazon RSA 2048 M03	`2024-02-10` - `2025-03-10`	a year	crt.sh
doctify.com Amazon RSA 2048 M03	`2024-05-08` - `2025-06-06`	a year	crt.sh
crisp.chat E6	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stateofchange-clinic.com/
Frame ID: 72C14FE8B1D8CBB7A206C154040A7097
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - StateOfChange Clinic

Page URL History Show full URLs

http://stateofchange-clinic.com/ HTTP 307
https://stateofchange-clinic.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

75
Requests

97 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

1
Countries

1613 kB
Transfer

4226 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://ecosoberhouse.com/article/dealing-with-ptsd-alcohol-blackouts-and-memory-loss/
Title: PTSD blackouts

Search URL Search Domain Scan URL

URL: https://www.stateofchange.co.uk/prices
Title: Personal Training

Search URL Search Domain Scan URL

URL: https://stateofchange-clinic.uk2.cliniko.com/bookings
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.xcritical.com/blog/smart-order-routing-role-of-the-smart-order-router-in-trading/
Title: order routing to access global markets

Search URL Search Domain Scan URL

URL: https://stateofchange-clinic.uk2.cliniko.com/bookings?appointment_type_id=1091866591919874048
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.instagram.com/edoardo_osteopath/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/edoardo-cecchinato-4ab67b123/

Search URL Search Domain Scan URL

URL: https://www.doctify.com/uk/specialist/edoardo-cecchinato
Title: Excellent based on 94 patient reviews Verified by

Search URL Search Domain Scan URL

URL: https://www.osteopathy.org.uk/home/
Title: General Osteopathic Council (GOsC)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stateofchange-clinic.com/ HTTP 307
https://stateofchange-clinic.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stateofchange-clinic.com/
Redirect Chain

http://stateofchange-clinic.com/
https://stateofchange-clinic.com/

170 KB
26 KB

744ms
489ms

Document
text/html

199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 1e30754d8fe88eee04066e91cabdf784880afffbf71b8f08fbe6eb230ff9ad15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Aug 2024 12:14:01 GMT
link: <https://stateofchange-clinic.com/wp-json/>; rel="https://api.w.org/", <https://stateofchange-clinic.com/wp-json/wp/v2/pages/8>; rel="alternate"; title="JSON"; type="application/json", <https://stateofchange-clinic.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: BYPASS

Redirect headers

Location: https://stateofchange-clinic.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 105ms
46ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B735ZTSPDC

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d29a656a46b5ec7192d1714e91b2bc38c6139e99dccd91889bad455e7d9b2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Aug 2024 12:14:01 GMT

GET
H2 200 style.min.css
stateofchange-clinic.com/wp-includes/css/dist/block-library/ 110 KB
13 KB 45ms
39ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Tue, 23 Jul 2024 16:39:49 GMT
server: nginx
etag: W/"1b723-61deccf6f2094"
vary: Accept-Encoding
content-type: text/css
x-nocache: 1

GET
H2 200 styles.css
stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
957 B 55ms
50ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Fri, 12 Jul 2024 15:13:15 GMT
server: nginx
etag: W/"b4e-61d0e5195dac4"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 uaf.css
stateofchange-clinic.com/wp-content/uploads/useanyfont/ 341 B
225 B 54ms
49ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/uploads/useanyfont/uaf.css?ver=1718896539
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 5aa726c4d4bb74e7e4f3179270f6f1faaac74117dd25ef5cbd4c535c4657b4f1

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2024 15:15:39 GMT
server: nginx
etag: W/"155-61b53c9a4bdfd"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 if-menu-site.css
stateofchange-clinic.com/wp-content/plugins/if-menu/assets/ 929 B
507 B 43ms
38ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.6.1
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Thu, 25 Jul 2024 12:14:03 GMT
server: nginx
etag: W/"3a1-61e11549da29e"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 be.css
stateofchange-clinic.com/wp-content/themes/betheme/css/ 306 KB
49 KB 55ms
50ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/css/be.css?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 535f02e5af659d7307f975fb17d8bc7cf20fa26e8e5ace67e4b0075bd73ad3f9

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"4c65b-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 animations.min.css
stateofchange-clinic.com/wp-content/themes/betheme/assets/animations/ 57 KB
4 KB 57ms
53ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 38be46aaa000896df8c89b3d6fc608efe575d822c4f4541cf7ad6b5069ce2879

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"e4a1-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 fontawesome.css
stateofchange-clinic.com/wp-content/themes/betheme/fonts/fontawesome/ 59 KB
12 KB 53ms
48ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"ed1d-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 jplayer.blue.monday.css
stateofchange-clinic.com/wp-content/themes/betheme/assets/jplayer/css/ 10 KB
2 KB 42ms
39ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 593998021e5710fcc6797244da4006389ea8a5c15dc3ce7a661685cb36638844

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"266a-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 responsive.css
stateofchange-clinic.com/wp-content/themes/betheme/css/ 56 KB
9 KB 43ms
39ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/css/responsive.css?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 228d4ac5bf724e38bc813b0f46c9be14a60a48485ae76ec108d161e00d66f07f

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"e1ba-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 86ms
29ms Stylesheet
text/css 2607:f8b0:400d:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CPoppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.6.1

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a7d9efa1b0bf0b16fa8b02f0c5bb9be1afc08ee0fd3e158f6329dadaa722732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 12:14:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 12:14:01 GMT

GET
H2 200 jquery.min.js Show response
stateofchange-clinic.com/wp-includes/js/jquery/ 86 KB
29 KB 53ms
50ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2024 16:49:09 GMT
server: nginx
etag: W/"15601-61d601feb7791"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 jquery-migrate.min.js Show response
stateofchange-clinic.com/wp-includes/js/jquery/ 13 KB
5 KB 108ms
105ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2024 16:49:09 GMT
server: nginx
etag: W/"3509-61d601feb73a9"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 350 KB
116 KB 54ms
49ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10891295648

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c89803d09fdba906aa041a5208de4632f5dcc6510d589a89aabf79e7721b85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Aug 2024 12:14:01 GMT

GET
H2 200 Logo-black.png
mlxmgiysxn0c.i.optimole.com/w:auto/h:624/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2023/04/ 11 KB
12 KB 105ms
13ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:auto/h:624/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2023/04/Logo-black.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

e7cc81f7d832797109be301da6fd795dc73d0dca62381c9a12c9762069b618bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 16:37:29 GMT
content-security-policy: script-src 'none'
via: 1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 675392
x-cache: Hit from cloudfront
content-disposition: inline; filename="Logo-black.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11626
x-request-id: 7O21UTbhWWVTVujh8mc_V
server: Optimole
accept-ch: ECT
etag: "Su3MFpFEiDYv8-f2Par1hKhjyzAKMaeuks3-TkjqU3A/RImE4YWJlMTVhNWU0OTY5ZGUwNGQzNmVlZTAzMWIzYjY0Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: wy5PXCZIHW7nT_RO0yuAp34EYYMwcwF9i2RLZUlNKcVVJUVPTSeATw==

GET
H2 200 dummy.png
mlxmgiysxn0c.i.optimole.com/w:1620/h:1080/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/ 246 B
800 B 103ms
11ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:1620/h:1080/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/dummy.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

fae7bf9d1cdeb573f3d7a2ae49148b2873118ed987b3b91fbaceec7c97d048e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 16:37:29 GMT
content-security-policy: script-src 'none'
via: 1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 675392
x-cache: Hit from cloudfront
content-disposition: inline; filename="dummy.webp"
alt-svc: h3=":443"; ma=86400
content-length: 246
x-request-id: RFIiYXJIKfOFjaxrf9ygs
server: Optimole
accept-ch: ECT
etag: "KKBgXBt1Eb5oQ_kGGTLk2Mjz91XvODH2-ojEbc8XV48/RIjJhNjM3ZDNkODI1NjczYzBlMzQ2MmZhNGVkOWExYzVjIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: fcYNokpOB60Q4Rw7X18YkHYndgZaoO1ZVg8VOdfn0nIM3TsvqxNeTg==

GET
H2 200 dummy.png
mlxmgiysxn0c.i.optimole.com/w:512/h:512/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/ 246 B
798 B 16ms
12ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:512/h:512/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/dummy.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

fae7bf9d1cdeb573f3d7a2ae49148b2873118ed987b3b91fbaceec7c97d048e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 12:50:47 GMT
content-security-policy: script-src 'none'
via: 1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 170594
x-cache: Hit from cloudfront
content-disposition: inline; filename="dummy.webp"
alt-svc: h3=":443"; ma=86400
content-length: 246
x-request-id: C--NjZ7s7fuWIKSawZcT9
server: Optimole
accept-ch: ECT
etag: "fEVvo_u_FLgAwU0op51gZCMG4-Uiq8G70c_tbpWjruU/RIjJhNjM3ZDNkODI1NjczYzBlMzQ2MmZhNGVkOWExYzVjIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: uIPjnIhGXTf_qxQ6p9RxTnPmYkQ6R8SMJct9U1FeQn-Z9qrmASGCaw==

GET
H2 200 get-script Show response
www.doctify.com/ 38 KB
10 KB 126ms
34ms Script
application/javascript 2600:9000:261f:ac00:1d:ebc3:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doctify.com/get-script?widget_container_id=0xgctj93&type=carousel-widget&tenant=athena-uk&language=en&profileType=specialist&layoutType=layoutA&slugs=edoardo-cecchinato&background=white&itemBackground=ffffff&outerFrame=true&itemFrame=true&linkUrl=https://www.doctify.com/uk/specialist/edoardo-cecchinato
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:ac00:1d:ebc3:8280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6a28df5c1174a60d85e2ac7b1508ae7d4c302e4b646268a9f55027b2313fc3b0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:04:26 GMT
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront), 1.1 8fc65419aa2ed286fa0e10813748c49a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3, JFK52-P3
age: 50975
x-amzn-trace-id: Root=1-66b29de9-1ccf30b44e99030d09f04d68;Parent=0ed573f1c5efa012;Sampled=0;lineage=78bbf074:0
x-amzn-requestid: 53fa539e-4e90-4f55-9872-bdfabcb4e33e
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-apigw-id: cG2ceFw2liAEDtg=
content-length: 9512
x-amz-cf-id: gFfgXoTwlftrGG4LcbNyitxxKvZbxsd3QcbNgjpgTWfoq0P4UTWQrA==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
766 B 37ms
32ms Stylesheet
text/css 2607:f8b0:400d:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400%2C500&display=swap

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e59aec8e7d030aed6e4522c0f76586d09c0e4185203c889a1ebeb2682a459c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 11:02:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 12:14:01 GMT

GET
H2 200 rs6.css
stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/css/ 56 KB
11 KB 46ms
46ms Stylesheet
text/css 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: c682502bdd9d75ab27160338a8acdbc9d1fe1587ab08e5d8bc04d785c3e65745

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:30 GMT
server: nginx
etag: W/"e197-5ec4acdeab780"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 index.js Show response
stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 46ms
39ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Fri, 12 Jul 2024 15:13:15 GMT
server: nginx
etag: W/"2cf9-61d0e5195e67c"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 index.js Show response
stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 48ms
41ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Fri, 12 Jul 2024 15:13:15 GMT
server: nginx
etag: W/"32fe-61d0e5195deac"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 rbtools.min.js Show response
stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/js/ 124 KB
46 KB 47ms
44ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 22b39a24722fc85eaa959adee93be1bbcbca4409a05bb804c983882a30b6d9d4

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"1f109-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 rs6.min.js Show response
stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/js/ 377 KB
92 KB 46ms
44ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: e2dccca60e73740cafc49d71897fdba94cc205e1b3991e8c7034736bc860f53f

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"5e3fb-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H3 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 169ms
32ms Script
application/javascript 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js?ver=20240807

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a7f03e46286307bc4bd3efdabbf50368ab908f8788494e65679dee2dc110259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2194"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f1ece440f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Thu, 08 Aug 2024 12:14:02 GMT

GET
H2 200 core.min.js Show response
stateofchange-clinic.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 57ms
50ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2024 16:49:09 GMT
server: nginx
etag: W/"53d8-61d601feb6409"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 tabs.min.js Show response
stateofchange-clinic.com/wp-includes/js/jquery/ui/ 12 KB
4 KB 49ms
43ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2024 16:49:09 GMT
server: nginx
etag: W/"2ee8-61d601feb6021"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 plugins.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/js/ 199 KB
53 KB 48ms
42ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/js/plugins.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: f530b2846a96fd27833c2058a8b8b0bac2b10f5a91981caf39d394cae166710d

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:35 GMT
server: nginx
etag: W/"31c9a-5ec4ace3702c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 menu.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/js/ 5 KB
2 KB 50ms
44ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/js/menu.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: fab2807600fc258a428268639fd022ac96d2e0e2f42d3437e33d1b665d41dccc

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:35 GMT
server: nginx
etag: W/"15b0-5ec4ace3702c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 animations.min.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/assets/animations/ 5 KB
2 KB 46ms
41ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: b22af4a2147a7df85e7f7730f9e32c2bf563a754900da5eb1a0ece766164b85c

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"134a-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 jplayer.min.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/assets/jplayer/ 54 KB
13 KB 49ms
43ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 98004b712694b8723e9bf486c48a82b897ba7889cf5e85c8dcc0cc18b741cc61

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: W/"d984-5ec4acdf9f9c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 translate3d.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/js/parallax/ 7 KB
3 KB 50ms
44ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: ee0ca47af9bade7c37f57851e2714f92c67953b69048e9cc9b8be4e28cab161b

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:35 GMT
server: nginx
etag: W/"1b9e-5ec4ace3702c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
H2 200 scripts.js Show response
stateofchange-clinic.com/wp-content/themes/betheme/js/ 72 KB
15 KB 48ms
43ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/js/scripts.js?ver=23.0.3
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 3eeee134644fef99f16c28ef0046a5c88b67cab5a49dd39b0d460aab9831b545

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
content-encoding: br
last-modified: Mon, 31 Oct 2022 01:48:35 GMT
server: nginx
etag: W/"11f65-5ec4ace3702c0"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: application/javascript

GET
BLOB 200
OK f038e613-7022-4b08-9e7f-168220239f5d
https://stateofchange-clinic.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://stateofchange-clinic.com/f038e613-7022-4b08-9e7f-168220239f5d
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 optimole_lib_no_poly.min.js Show response
mlxmgiysxn0c.i.optimole.com/js-lib/v2/latest/ 13 KB
4 KB 11ms
10ms Script
text/javascript 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mlxmgiysxn0c.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 20:57:41 GMT
content-encoding: gzip
via: 1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
last-modified: Mon, 18 Sep 2023 08:33:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 4374981
etag: W/"0eb89ca19c4471edb661005556332adc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000,public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _UPxB7pdZyexgN5LltcxWAaSEkpx70MA7qJae2Fc3_moaViETZKEXQ==

GET
H2 200 1932Helevetica-Neue.woff2
stateofchange-clinic.com/wp-content/uploads/useanyfont/ 102 KB
102 KB 97ms
96ms Font
application/octet-stream 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/uploads/useanyfont/1932Helevetica-Neue.woff2
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/wp-content/uploads/useanyfont/uaf.css?ver=1718896539
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: c948cfb891170099b30422e44fd7394a134f3c654d8fb9ed7c86fd97315ae1ac

Request headers

Referer: https://stateofchange-clinic.com/wp-content/uploads/useanyfont/uaf.css?ver=1718896539
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:01 GMT
last-modified: Sun, 30 Apr 2023 06:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "19794-5fa88000b0d1e"
content-length: 104340
x-cache-nxaccel: MISS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 103ms
21ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CPoppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:58:26 GMT
x-content-type-options: nosniff
age: 486936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:58:26 GMT

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e057df8838d919d05b9116a3a365755ef79f1554be4c766cd7d40faf0417e4d1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1c9f61d0d3e364cc5402221c319db70ede5fc112e00ea8d57c5a8a5de42560a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab68272fad8c0a39ccc202f1708bdefabf64f6e73d575030f786ecc9a5192756

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8ff5468dbf38300910d4beec98b593030a06c0563bc5015f00dd58cc0de7ade

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 HelveticaNeue-Bold-02.ttf
stateofchange-clinic.com/wp-content/uploads/2023/04/ 314 KB
314 KB 41ms
39ms Font
application/font-sfnt 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/uploads/2023/04/HelveticaNeue-Bold-02.ttf
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 031835fc01fe7c356707d0572715d7516787cec768dc3c961b9ac41574865005

Request headers

Referer: https://stateofchange-clinic.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
last-modified: Tue, 18 Apr 2023 13:06:46 GMT
server: nginx
etag: "4e734-5f99bfad0aebc"
x-cache-nxaccel: MISS
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 321332

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 29ms
27ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:58:27 GMT
x-content-type-options: nosniff
age: 486935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:58:27 GMT

GET
H2 200 icons.woff
stateofchange-clinic.com/wp-content/themes/betheme/fonts/mfn/ 80 KB
80 KB 39ms
38ms Font
application/font-woff 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/wp-content/themes/betheme/css/be.css?ver=23.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Request headers

Referer: https://stateofchange-clinic.com/wp-content/themes/betheme/css/be.css?ver=23.0.3
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
last-modified: Mon, 31 Oct 2022 01:48:31 GMT
server: nginx
etag: "13e28-5ec4acdf9f9c0"
x-cache-nxaccel: MISS
content-type: application/font-woff
accept-ranges: bytes
content-length: 81448

GET
H2 200 global.css
www.doctify.com/assets/fonts/ 7 KB
980 B 23ms
23ms Stylesheet
text/css 2600:9000:261f:ac00:1d:ebc3:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doctify.com/assets/fonts/global.css
Requested by: Host: www.doctify.com
URL: https://www.doctify.com/get-script?widget_container_id=0xgctj93&type=carousel-widget&tenant=athena-uk&language=en&profileType=specialist&layoutType=layoutA&slugs=edoardo-cecchinato&background=white&itemBackground=ffffff&outerFrame=true&itemFrame=true&linkUrl=https://www.doctify.com/uk/specialist/edoardo-cecchinato
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:ac00:1d:ebc3:8280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca92bd056e48d0542ab766b6945e1220d0ebb02b1e273ca0e08bae663c4d264e

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 8fc65419aa2ed286fa0e10813748c49a.cloudfront.net (CloudFront)
date: Wed, 07 Aug 2024 11:41:12 GMT
last-modified: Fri, 08 Jul 2022 09:45:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 1971
etag: W/"2619563f95f44cf00706e5b7b2f33cd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: x8DrFlIJfISWRY5ke2D5H66uX_0mWlKrdpF772yfbV5HVqPb5t0YZg==

GET
DATA 200
OK truncated
/ 829 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a2a384c4cff4a76fc529417bcfb0642348f372e1090f1d64b6cb7ceae064286

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 23ms
23ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 02:00:12 GMT
x-content-type-options: nosniff
age: 555230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 02:00:12 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 23ms
22ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 02:08:04 GMT
x-content-type-options: nosniff
age: 554758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 02:08:04 GMT

GET
H3 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 28ms
27ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 01:45:41 GMT
x-content-type-options: nosniff
age: 556101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8668
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 01:45:41 GMT

GET
H2 200 reviews Show response
www.doctify.com/uk/api/ 3 KB
2 KB 811ms
789ms Fetch
application/json 2600:9000:261f:ac00:1d:ebc3:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doctify.com/uk/api/reviews?slugs=edoardo-cecchinato&offset=0&limit=2&language=en&rating=0

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:261f:ac00:1d:ebc3:8280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6e2d507a682a321eb27f9af29aeb6af4f1ac082d85e550482d8e0390f7e31e29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 7737ef6f12229d4564d45a2b0c059e2e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"ac2-Gr8CYmPJ3EtE/peYTCbHT7yGSME"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-amz-cf-id: JZ0khDSrQxKWaMhoTgXfJdJd0dKbGVDVAAtGyMVlGfNERTxG5j5OMg==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e24ff9d7af39721c9b6cdbe16993a770248fdd9b8e488ab88db292e151f82980

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 61ms
23ms Fetch
text/plain 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B735ZTSPDC&gtm=45je4850v898934358za200&_p=1723032841759&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=851430420.1723032842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723032842&sct=1&seg=0&dl=https%3A%2F%2Fstateofchange-clinic.com%2F&dt=Home%20-%20StateOfChange%20Clinic&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1218
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B735ZTSPDC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stateofchange-clinic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 350 KB
116 KB 40ms
39ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10891295648&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B735ZTSPDC

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90898bd339adc18088a35ff8137f074dffdd6c919ac13f67dc74f703493799ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Aug 2024 12:14:02 GMT

GET pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
www.doctify.com/assets/fonts/poppins/ 0
0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
www.doctify.com/assets/fonts/poppins/ 8 KB
8 KB 12ms
12ms Font
binary/octet-stream 2600:9000:261f:ac00:1d:ebc3:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doctify.com/assets/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by: Host: www.doctify.com
URL: https://www.doctify.com/assets/fonts/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:ac00:1d:ebc3:8280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Request headers

Referer: https://www.doctify.com/assets/fonts/global.css
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 07 Aug 2024 11:43:23 GMT
via: 1.1 7737ef6f12229d4564d45a2b0c059e2e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 1935
x-cache: Hit from cloudfront
content-length: 7748
last-modified: Fri, 08 Jul 2022 09:16:06 GMT
server: AmazonS3
etag: "a09f2fccfee35b7247b08a1a266f0328"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: iXndeL7Arkz1NZksYCXpmvZxzyXeEM7VG_RO2hTFLudKuUtjAWQzUg==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
0 2ms
2ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:58:26 GMT
x-content-type-options: nosniff
age: 486936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:58:26 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 22ms
22ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 21:00:05 GMT
x-content-type-options: nosniff
age: 486837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 21:00:05 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 25ms
25ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 21:00:05 GMT
x-content-type-options: nosniff
age: 486837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20144
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 21:00:05 GMT

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 369 KB
95 KB 37ms
36ms Script
application/javascript 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?76ab9f1

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js?ver=20240807

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f65bdebe62dcae8f41d3e51d6b16afe15047a1d654a16fec995d5d67b67e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 9197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-5c23b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f2098370f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Sat, 05 Aug 2034 12:14:02 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 113 KB
14 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?76ab9f1

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js?ver=20240807

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c5f5822b2e1a14785e239541fb378102a47666d35559d9101b495c134438d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jul 2024 09:38:48 GMT
server: cloudflare
etag: W/"66866da8-1c502"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f20983b0f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Sat, 05 Aug 2034 12:14:02 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10891295648/ 2 KB
1 KB 79ms
33ms Script
text/javascript 2607:f8b0:400d:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10891295648/?random=1723032842363&cv=11&fst=1723032842363&bg=ffffff&guid=ON&async=1&gtm=45be4850v9103656391za200zb898934358&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fstateofchange-clinic.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20StateOfChange%20Clinic&npa=0&pscdl=noapi&auid=2053064194.1723032842&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10891295648

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38a2414cebfe1e46e55001842a65083c033d74f3b0c064ce6251359d9a8fd41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 24ms
22ms Fetch
text/plain 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VKCL0BF781&gtm=45be4850v9103656391za200zb898934358&_p=1723032841759&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=851430420.1723032842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723032842&sct=1&seg=0&dl=https%3A%2F%2Fstateofchange-clinic.com%2F&dt=Home%20-%20StateOfChange%20Clinic&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1451
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10891295648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stateofchange-clinic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11048298794/ 2 KB
1 KB 66ms
35ms Script
text/javascript 2607:f8b0:400d:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11048298794/?random=1723032842386&cv=11&fst=1723032842386&bg=ffffff&guid=ON&async=1&gtm=45be4850v9103656391za200zb898934358&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fstateofchange-clinic.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20StateOfChange%20Clinic&npa=0&pscdl=noapi&auid=2053064194.1723032842&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10891295648

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b2661a72ce58415d9286fd73a3e5f416e7f3814f5fcbc1f8747198043ddccb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 black-divider.png
mlxmgiysxn0c.i.optimole.com/w:50/h:3/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/10/ 246 B
679 B 15ms
14ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:50/h:3/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/10/black-divider.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

9bf788c5c4b2f5dbac82e1aa2eb8a8d8ace8b0af12602dec64d33b622c2db717

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 16:37:29 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 675393
x-cache: Hit from cloudfront
content-disposition: inline; filename="black-divider.webp"
alt-svc: h3=":443"; ma=86400
content-length: 246
x-request-id: jo1d03SAGHYPl0FaHXKOU
accept-ch: ECT
server: Optimole
etag: "M6CtA_R0cwXcjgkhPLgzyf0fQ6_AOU0NqRHwUBeuPb8/RImJiNzZkOWY0ZmViMjMxMWNmM2VmYjgxN2I4YWE0Y2ViIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: fKO_kA2ABuuYywxjq9nyBnARJ5p3D54wmtp-MpZSzncAxtPjWj4Adw==

GET
H3 200 h1.jpg
mlxmgiysxn0c.i.optimole.com/w:478/h:363/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/ 25 KB
25 KB 22ms
22ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:478/h:363/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/h1.jpg

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

1a0c14997ae0d345bfed069236381a2d1ed6ca59ebb8835c3e03e6da0de923f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 13:32:55 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 254467
x-cache: Hit from cloudfront
content-disposition: inline; filename="h1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25626
x-request-id: pM0yJ1jJLJmuGf_mhFzA6
accept-ch: ECT
server: Optimole
etag: "dTW2aFuUZ85y6saqHr25UiklDf4iTevEXvqqp5T4EY0/RIjJlOWVlNjdjMmNiN2U2ZDJkYmUzMGI0MTU5ODBkMmY1Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: Gi8BZYEsn6Six7znjPaltkUxfEtBQRCIq86K12UxxR6R1eis8ShR4Q==

GET
H2 200 wp-emoji-release.min.js Show response
stateofchange-clinic.com/wp-includes/js/ 18 KB
5 KB 42ms
42ms Script
application/javascript 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://stateofchange-clinic.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2024 16:49:10 GMT
server: nginx
etag: W/"4926-61d601ff25179"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 schema Show response
stateofchange-clinic.com/wp-json/contact-form-7/v1/contact-forms/7/feedback/ 814 B
483 B 183ms
182ms Fetch
application/json 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://stateofchange-clinic.com/wp-json/contact-form-7/v1/contact-forms/7/feedback/schema

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

cloudhost-6164519.us-midwest-2.nxcli.net

Software

nginx /

Resource Hash

384717be2243f9b0932204a35be85664bd381a83ef9379bf750f904eea2325f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
allow: GET
content-type: application/json; charset=UTF-8
x-nocache: 1
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://stateofchange-clinic.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 loader.gif
stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 72ms
72ms Image
image/gif 199.189.224.197
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by: Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.189.224.197 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-6164519.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

Referer: https://stateofchange-clinic.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
last-modified: Mon, 31 Oct 2022 01:48:24 GMT
server: nginx
etag: "9f1-5ec4acd8f2a00"
x-cache-nxaccel: MISS
content-type: image/gif
accept-ranges: bytes
content-length: 2545

GET
H3 200 black-divider.png
mlxmgiysxn0c.i.optimole.com/w:50/h:3/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/10/ 246 B
0 0ms
0ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:50/h:3/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/10/black-divider.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

9bf788c5c4b2f5dbac82e1aa2eb8a8d8ace8b0af12602dec64d33b622c2db717

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 16:37:29 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 675393
x-cache: Hit from cloudfront
content-disposition: inline; filename="black-divider.webp"
alt-svc: h3=":443"; ma=86400
content-length: 246
x-request-id: jo1d03SAGHYPl0FaHXKOU
accept-ch: ECT
server: Optimole
etag: "M6CtA_R0cwXcjgkhPLgzyf0fQ6_AOU0NqRHwUBeuPb8/RImJiNzZkOWY0ZmViMjMxMWNmM2VmYjgxN2I4YWE0Y2ViIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: fKO_kA2ABuuYywxjq9nyBnARJ5p3D54wmtp-MpZSzncAxtPjWj4Adw==

GET
H3 200 h1.jpg
mlxmgiysxn0c.i.optimole.com/w:478/h:363/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/ 25 KB
0 0ms
0ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:478/h:363/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/h1.jpg

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

1a0c14997ae0d345bfed069236381a2d1ed6ca59ebb8835c3e03e6da0de923f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 13:32:55 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 254467
x-cache: Hit from cloudfront
content-disposition: inline; filename="h1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25626
x-request-id: pM0yJ1jJLJmuGf_mhFzA6
accept-ch: ECT
server: Optimole
etag: "dTW2aFuUZ85y6saqHr25UiklDf4iTevEXvqqp5T4EY0/RIjJlOWVlNjdjMmNiN2U2ZDJkYmUzMGI0MTU5ODBkMmY1Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: Gi8BZYEsn6Six7znjPaltkUxfEtBQRCIq86K12UxxR6R1eis8ShR4Q==

GET
H3 200 hero3.jpg
mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/12/ 57 KB
57 KB 13ms
13ms Image
image/avif 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/12/hero3.jpg

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

9b8f4bcc41b57140172f0b0ffd234431a9002e75e9909d095dce86b7c624e366

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 12:50:48 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 170594
x-cache: Hit from cloudfront
content-disposition: inline; filename="hero3.avif"
alt-svc: h3=":443"; ma=86400
content-length: 58078
x-request-id: joC_Sjw5kjhlYdxtN9vDn
accept-ch: ECT
server: Optimole
etag: "TMPKAJw099c-lWv7dWMxsvi-YpGlaZEkrfzlv8u7Ls4/RIjY4MjBmMGEyZmQwNzAwYjBlZWI3NTE0N2FiNjNhNWQ3Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: GuUm4TWu8y6tIUVKtMLZkspx6lGyQ-nvbi2QeJstiHCH6kszmkdlkQ==

GET
H3 200 down-arrow-6.png
mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/revslider/slider-1/ 836 B
1 KB 15ms
15ms Image
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/revslider/slider-1/down-arrow-6.png

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

70fa967643e2cdc7c975645683c022477720cda24182a5d9e39761eaeddc8c4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:17:36 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 89786
x-cache: Hit from cloudfront
content-disposition: inline; filename="down-arrow-6.webp"
alt-svc: h3=":443"; ma=86400
content-length: 836
x-request-id: A6ifaCqXxlsieGyyjHHOc
accept-ch: ECT
server: Optimole
etag: "N2xCcWA3Rduqk9kAnIyHDW2VAQG7N_ObVGOmF3FZaOs/RImM1NTBjZGE4YzE2NTk1MTU5N2E4MzM0NjIwOTY3NzU0Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: NYXOiKag-iilIZ1pDSC9_673PykRBTmxHSuiPZTpohVRgubNDDAZjg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/10891295648/ 42 B
64 B 131ms
33ms Image
image/gif 2607:f8b0:4004:c07::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10891295648/?random=1723032842363&cv=11&fst=1723032000000&bg=ffffff&guid=ON&async=1&gtm=45be4850v9103656391za200zb898934358&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fstateofchange-clinic.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20StateOfChange%20Clinic&npa=0&pscdl=noapi&auid=2053064194.1723032842&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfQmAACoQFtlK51hwc522HuT3upGtFOw&random=3090715333&rmt_tld=0&ipr=y

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11048298794/ 42 B
64 B 132ms
35ms Image
image/gif 2607:f8b0:4004:c07::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11048298794/?random=1723032842386&cv=11&fst=1723032000000&bg=ffffff&guid=ON&async=1&gtm=45be4850v9103656391za200zb898934358&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fstateofchange-clinic.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20StateOfChange%20Clinic&npa=0&pscdl=noapi&auid=2053064194.1723032842&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfx7bilSBp2SKQIfoBt45j0CzjhKQjKg&random=144920321&rmt_tld=0&ipr=y

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 12:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/06799827-5b33-4e85-a826-fb2d4661bae8/prelude/ 222 B
511 B 443ms
442ms Script
application/javascript 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/06799827-5b33-4e85-a826-fb2d4661bae8/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-7-7-2-14

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?76ab9f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbb40d31da55034b503825f407cf3a907a0cd758001c67ad11ba5d683d3df5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 07 Aug 2024 12:14:02 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f21d9a10f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Wed, 07 Aug 2024 16:14:02 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 22ms
22ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stateofchange-clinic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:58:05 GMT
x-content-type-options: nosniff
age: 486957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:58:05 GMT

GET
H2 200 reviews Show response
www.doctify.com/uk/api/ 3 KB
771 B 1271ms
1043ms Fetch
application/json 2600:9000:261f:ac00:1d:ebc3:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doctify.com/uk/api/reviews?slugs=edoardo-cecchinato&offset=0&limit=2&language=en&rating=0

Requested by

Host: stateofchange-clinic.com
URL: https://stateofchange-clinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:261f:ac00:1d:ebc3:8280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6e2d507a682a321eb27f9af29aeb6af4f1ac082d85e550482d8e0390f7e31e29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:03 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 7737ef6f12229d4564d45a2b0c059e2e.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK52-P3
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"ac2-Gr8CYmPJ3EtE/peYTCbHT7yGSME"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-amz-cf-id: JPH-w2Zon3kxTm_Sdb9uI21AHAmHyN8bENsABKZ8Dmq7Ljbnx4mK5Q==

GET
H3 200 fav-1.png
mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/ 2 KB
2 KB 21ms
20ms Other
image/webp 2600:9000:2514:f200:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mlxmgiysxn0c.i.optimole.com/w:auto/h:auto/q:mauto/f:best/https://stateofchange-clinic.com/wp-content/uploads/2022/11/fav-1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2514:f200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Optimole /

Resource Hash

08287edad2c25d640bf28a11caa4ec5db86d09eee074c3494a7d2ace5615641d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 01:00:21 GMT
content-security-policy: script-src 'none'
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 40422
x-cache: Hit from cloudfront
content-disposition: inline; filename="fav-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1630
x-request-id: sYLSImknwI5SFeCKH4Nuo
accept-ch: ECT
server: Optimole
etag: "f0gfHIfqBxQmunoyn0und_v17ZMpInr08KlHMkxSlU4/RImY3NzVkNzU5NTkxMmFhYmY2NTRmMGUyY2QyNzQ5ZGE5Ig"
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: ZigvRuQQZFrMtlEPHeFRKKsq7TDCojlzJvCuiXUL-o8H9RJdmvY9TA==

GET
H3 200 / Show response
client.crisp.chat/settings/website/06799827-5b33-4e85-a826-fb2d4661bae8/ 1 KB
1001 B 275ms
275ms Script
application/javascript 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/06799827-5b33-4e85-a826-fb2d4661bae8/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1706856149649

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?76ab9f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f0b0c6c75269a026030cb5fdfd8eaf52e4ecab938934322b6eae7f905f6c1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 07 Aug 2024 12:14:04 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f2968e60f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Wed, 07 Aug 2024 16:14:04 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 9 KB
4 KB 22ms
21ms Script
application/javascript 2606:4700::6812:1c68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?76ab9f1

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?76ab9f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c7c55bc689efe97aecc45a97922d6f94ff8bf1faf3b8ca10d5de57119fc30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateofchange-clinic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 9197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
server: cloudflare
etag: W/"66759605-250d"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8af72f2b2a7d0f6c-EWR
access-control-allow-headers: Content-Type, Origin
expires: Sat, 05 Aug 2034 12:14:04 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.doctify.com
URL: https://www.doctify.com/assets/fonts/poppins/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stateofchange-clinic.com/	1970-01-21 08:13:12	Name: _ga_B735ZTSPDC Value: GS1.1.1723032842.1.0.1723032842.0.0.0
.stateofchange-clinic.com/	1970-01-21 08:13:12	Name: _ga Value: GA1.1.851430420.1723032842
.stateofchange-clinic.com/	1970-01-21 00:46:48	Name: _gcl_au Value: 1.1.2053064194.1723032842
.stateofchange-clinic.com/	1970-01-21 08:13:12	Name: _ga_VKCL0BF781 Value: GS1.1.1723032842.1.0.1723032842.0.0.0
.doubleclick.net/	1970-01-20 22:37:13	Name: test_cookie Value: CheckForPermission
.stateofchange-clinic.com/	1970-01-21 03:00:00	Name: crisp-client%2Fsession%2F06799827-5b33-4e85-a826-fb2d4661bae8 Value: session_4825cc33-ba86-447a-aef7-43161486dee9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://stateofchange-clinic.com/ Message: Access to font at 'https://www.doctify.com/assets/fonts/poppins/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2' from origin 'https://stateofchange-clinic.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.doctify.com/assets/fonts/poppins/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mlxmgiysxn0c.i.optimole.com
stateofchange-clinic.com
www.doctify.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.doctify.com
199.189.224.197
2600:9000:2514:f200:2:6f7a:6f00:93a1
2600:9000:261f:ac00:1d:ebc3:8280:93a1
2606:4700::6812:1c68
2607:f8b0:4004:c07::67
2607:f8b0:4004:c09::65
2607:f8b0:400d:c04::61
2607:f8b0:400d:c0b::5f
2607:f8b0:400d:c0d::9d
2607:f8b0:400d:c0e::5e
031835fc01fe7c356707d0572715d7516787cec768dc3c961b9ac41574865005
08287edad2c25d640bf28a11caa4ec5db86d09eee074c3494a7d2ace5615641d
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
1a0c14997ae0d345bfed069236381a2d1ed6ca59ebb8835c3e03e6da0de923f2
1b2661a72ce58415d9286fd73a3e5f416e7f3814f5fcbc1f8747198043ddccb3
1e30754d8fe88eee04066e91cabdf784880afffbf71b8f08fbe6eb230ff9ad15
228d4ac5bf724e38bc813b0f46c9be14a60a48485ae76ec108d161e00d66f07f
22b39a24722fc85eaa959adee93be1bbcbca4409a05bb804c983882a30b6d9d4
2f0b0c6c75269a026030cb5fdfd8eaf52e4ecab938934322b6eae7f905f6c1b9
384717be2243f9b0932204a35be85664bd381a83ef9379bf750f904eea2325f4
38be46aaa000896df8c89b3d6fc608efe575d822c4f4541cf7ad6b5069ce2879
3eeee134644fef99f16c28ef0046a5c88b67cab5a49dd39b0d460aab9831b545
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4a2a384c4cff4a76fc529417bcfb0642348f372e1090f1d64b6cb7ceae064286
4c89803d09fdba906aa041a5208de4632f5dcc6510d589a89aabf79e7721b85b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
535f02e5af659d7307f975fb17d8bc7cf20fa26e8e5ace67e4b0075bd73ad3f9
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
593998021e5710fcc6797244da4006389ea8a5c15dc3ce7a661685cb36638844
5aa726c4d4bb74e7e4f3179270f6f1faaac74117dd25ef5cbd4c535c4657b4f1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5d29a656a46b5ec7192d1714e91b2bc38c6139e99dccd91889bad455e7d9b2b3
5e59aec8e7d030aed6e4522c0f76586d09c0e4185203c889a1ebeb2682a459c1
63c7c55bc689efe97aecc45a97922d6f94ff8bf1faf3b8ca10d5de57119fc30d
6a28df5c1174a60d85e2ac7b1508ae7d4c302e4b646268a9f55027b2313fc3b0
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b
6e2d507a682a321eb27f9af29aeb6af4f1ac082d85e550482d8e0390f7e31e29
70fa967643e2cdc7c975645683c022477720cda24182a5d9e39761eaeddc8c4b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
90898bd339adc18088a35ff8137f074dffdd6c919ac13f67dc74f703493799ed
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98004b712694b8723e9bf486c48a82b897ba7889cf5e85c8dcc0cc18b741cc61
9a7d9efa1b0bf0b16fa8b02f0c5bb9be1afc08ee0fd3e158f6329dadaa722732
9a7f03e46286307bc4bd3efdabbf50368ab908f8788494e65679dee2dc110259
9b8f4bcc41b57140172f0b0ffd234431a9002e75e9909d095dce86b7c624e366
9bf788c5c4b2f5dbac82e1aa2eb8a8d8ace8b0af12602dec64d33b622c2db717
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f
a38a2414cebfe1e46e55001842a65083c033d74f3b0c064ce6251359d9a8fd41
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
ab68272fad8c0a39ccc202f1708bdefabf64f6e73d575030f786ecc9a5192756
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b22af4a2147a7df85e7f7730f9e32c2bf563a754900da5eb1a0ece766164b85c
b4f65bdebe62dcae8f41d3e51d6b16afe15047a1d654a16fec995d5d67b67e0b
bcbb40d31da55034b503825f407cf3a907a0cd758001c67ad11ba5d683d3df5e
c682502bdd9d75ab27160338a8acdbc9d1fe1587ab08e5d8bc04d785c3e65745
c6c5f5822b2e1a14785e239541fb378102a47666d35559d9101b495c134438d9
c948cfb891170099b30422e44fd7394a134f3c654d8fb9ed7c86fd97315ae1ac
ca92bd056e48d0542ab766b6945e1220d0ebb02b1e273ca0e08bae663c4d264e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1c9f61d0d3e364cc5402221c319db70ede5fc112e00ea8d57c5a8a5de42560a
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374
e057df8838d919d05b9116a3a365755ef79f1554be4c766cd7d40faf0417e4d1
e24ff9d7af39721c9b6cdbe16993a770248fdd9b8e488ab88db292e151f82980
e2dccca60e73740cafc49d71897fdba94cc205e1b3991e8c7034736bc860f53f
e7cc81f7d832797109be301da6fd795dc73d0dca62381c9a12c9762069b618bf
ee0ca47af9bade7c37f57851e2714f92c67953b69048e9cc9b8be4e28cab161b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f530b2846a96fd27833c2058a8b8b0bac2b10f5a91981caf39d394cae166710d
f8ff5468dbf38300910d4beec98b593030a06c0563bc5015f00dd58cc0de7ade
fab2807600fc258a428268639fd022ac96d2e0e2f42d3437e33d1b665d41dccc
fae7bf9d1cdeb573f3d7a2ae49148b2873118ed987b3b91fbaceec7c97d048e6

stateofchange-clinic.com Open in urlscan Pro 199.189.224.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

90 %IPv6

10 Domains

10 Subdomains

11 IPs

1 Countries

1613 kBTransfer

4226 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stateofchange-clinic.com Open in urlscan Pro
199.189.224.197 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

1
Countries

1613 kB
Transfer

4226 kB
Size

6
Cookies

75 HTTP transactions
7 data transactions