www2.crossoverhealth.com/rs/623-DRR-128/images/instagram-glyph-1
104.17.73.206302 Found 101 B URL HTTP/1.1 www2.crossoverhealth.com/rs/623-DRR-128/images/instagram-glyph-1
IP 104.17.73.206:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash ec280474c1aadca46c043a65f61722dd
7264d5b391ece27dae0a880d758a335ba92d02ca
bab4f58a986b9d294f5308866e211aaa8d64f3b93ea7f74ed5aa7aa31fda4cf2
GET /rs/623-DRR-128/images/instagram-glyph-1 HTTP/1.1
Host: www2.crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 19:17:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.crossoverhealth.com
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=8yRxJIX5qm4xLp9LLgDFZ0yC4ABDR7GrmBqXXAYc4q8-1675711065-0-AVESsy9+0H/mpuW6DkwHq8PyvTrKC5E1tBsWuQVP2Mw650vKI1LOOvKci/1zpjLxI7ieT1dO8HvcQhw7jvaKL5I=; path=/; expires=Mon, 06-Feb-23 19:47:45 GMT; domain=.www2.crossoverhealth.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 79563a4bd816b4ee-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7286
Expires: Mon, 06 Feb 2023 21:19:11 GMT
Date: Mon, 06 Feb 2023 19:17:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13565
Expires: Mon, 06 Feb 2023 23:03:50 GMT
Date: Mon, 06 Feb 2023 19:17:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 18:34:06 GMT
content-type: application/json
age: 2619
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2980
Expires: Mon, 06 Feb 2023 20:07:25 GMT
Date: Mon, 06 Feb 2023 19:17:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aWiHKzmDOnzpBU7RqqkMRd+MgWvo1McrFERIuvUmxMu2fL7fIxNjxmBeAbYTmOdlNr/hxXmSXkA=
x-amz-request-id: 7CGC93DJ7XKCNQG0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 18:45:16 GMT
age: 1949
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.crossoverhealth.com/
151.101.194.159301 Moved Permanently 162 B IP 151.101.194.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: www.crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://www.crossoverhealth.com/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: bexjxigjzy
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 19:17:45 GMT
X-Served-By: cache-bma1662-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675711065.234993,VS0,VE2
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 19:17:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c0f31b5daa7afa5055b0e150608b1fa8
67d46243db20c7550ffe2bc5cac3ca6e68ecd203
118da5412663a8413e819699c8d032835c4ef4a2367508940ddea6caeceec160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "118DA5412663A8413E819699C8D032835C4EF4A2367508940DDEA6CAECEEC160"
Last-Modified: Sun, 05 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Tue, 07 Feb 2023 01:17:20 GMT
Date: Mon, 06 Feb 2023 19:17:45 GMT
Connection: keep-alive
www.crossoverhealth.com/
151.101.194.159301 Moved Permanently 0 B IP 151.101.194.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
x-redirect-by: redirection
location: https://crossoverhealth.com/
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: bexjxigjzy
x-fw-version: 5.0.0
server: Flywheel/5.1.0
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675711066.541774,VS0,VE3
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 0
X-Firefox-Spdy: h2
crossoverhealth.com/
151.101.194.159200 OK 46 kB IP 151.101.194.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3152), with CRLF, LF line terminators
Hash db6b7b3a90c141a72c01dc4af1262c69
35b6728b65493264a31e04eafee71ed237f0ee84
f1a5039abe8594fd2f3cab867f0a4c1fa3a3f79c0d9b0e0f758c483d4c2ff967
GET / HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://crossoverhealth.com/wp-json/>; rel="https://api.w.org/", <https://crossoverhealth.com/wp-json/wp/v2/pages/24004>; rel="alternate"; type="application/json", <https://crossoverhealth.com/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: bexjxigjzy
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675711066.571995,VS0,VE2
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 45688
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 19:07:20 GMT
age: 625
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/themes/xo-theme/images/logo-dark.png
151.101.194.159200 OK 9.5 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/images/logo-dark.png
IP 151.101.194.159:0
File type PNG image data, 320 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f1c4990145cb8bd01cee8fc07192f1f
08cfabe6cb4207df0958657bb3ce8abf29d28c1e
7d407c0eae8349dc64fe43110515ad9591bd150c51063fc6d1425d716c25bc72
GET /wp-content/themes/xo-theme/images/logo-dark.png HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 11 Apr 2022 19:07:33 GMT
etag: W/"62547c75-2651"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675711066.698031,VS0,VE17
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9536
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e9abb2fefdfbc9ecd2ed10d8019ab372
c3ffda12c9ae4e6ebca6f4b80bfebf61bd8c617f
75210ebc0d1d7eef6461a15725a842af6fb8c2dfb2d3d9a2bb7e6464d8a9754a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6296
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:45 GMT
Last-Modified: Mon, 06 Feb 2023 17:32:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/api/player.js
162.159.138.60200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/api/player.js
IP 162.159.138.60:0
File type Unicode text, UTF-8 text, with very long lines (21087)
Hash be35514553399a516ec9a8a782341d76
cc471c8a2ad4a645656f72e0833a3cd1a9131b63
ab060007b859a933f8fb7bbc505c9c0a06eef5813ab909d9f09f9656c2d53505
GET /api/player.js HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 19:17:45 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 6272
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 06 Feb 2023 19:41:59 GMT
x-host: player-7b7859db66-vz55r
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-3
x-backend-proxy: playproxy4
x-bapp-server: player-7b7859db66-vz55r
Accept-Ranges: bytes
Age: 346
X-Served-By: cache-cph2320056-CPH
X-Cache: HIT
X-Cache-Hits: 830
X-Timer: S1675711066.756234,VS0,VE0
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=CXFzrdRKwKztkSdZIa8Z0P4xZyLaUX8hO5vSYdB6QHI-1675711065-0-AalNgjqu74rIDYqtDYB9ityORjWO93YmgV0aoLm4oZTDrWiBqx8taylttncRYLmrIxoH1Df/WKOUUuBrfFr1U58=; path=/; expires=Mon, 06-Feb-23 19:47:45 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 79563a50d9550b31-OSL
crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1.1675707430
151.101.194.159200 OK 124 B URL HTTP/2 crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1.1675707430
IP 151.101.194.159:0
File type ASCII text, with no line terminators
Hash 25a6c0e7f261b455c57d9b78eb8282b8
40c876cffb75b2766452056e6f9049e0bcd15374
ddfa4dacedb6f898b7331ac278fac32a64a4da17f70aa2cb8ef47987b920cef1
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 25 Nov 2022 22:16:28 GMT
etag: W/"63813ebc-ca"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.689201,VS0,VE124
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 124
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2022/01/clinic_V1.svg
151.101.194.159200 OK 671 B URL HTTP/2 crossoverhealth.com/wp-content/uploads/2022/01/clinic_V1.svg
IP 151.101.194.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 326cd1dba24c1190c81b9521770cb1dd
c587a529380ab07a5c3dc49b460dac636da64286
fa8c9fb99394608450a96d6e4684052deb58e5416d6a54864e46efc077471373
GET /wp-content/uploads/2022/01/clinic_V1.svg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jan 2022 23:57:01 GMT
etag: W/"61f482cd-4dc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.711072,VS0,VE125
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 671
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2022/01/usa_v1.svg
151.101.194.159200 OK 2.8 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2022/01/usa_v1.svg
IP 151.101.194.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dc17b64fd87039b49717561597437833
c637879c12f09def22aac3064589b788a6b60ab1
8371bd283756dbc7b3b597dcf896e37908ddfd4893356a33fdc811d0e5fc58c8
GET /wp-content/uploads/2022/01/usa_v1.svg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jan 2022 23:14:20 GMT
etag: W/"61f478cc-20d2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.711562,VS0,VE129
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 2820
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Mon, 06 Feb 2023 20:50:50 GMT
Date: Mon, 06 Feb 2023 19:17:45 GMT
Connection: keep-alive
crossoverhealth.com/wp-content/themes/xo-theme/src/js/vendor/jquery-3.2.1.min.js?ver=1675707430
151.101.194.159200 OK 33 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/src/js/vendor/jquery-3.2.1.min.js?ver=1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (32058)
Hash 47605391d7c08c4d0c91adac4c092774
e457e8935d1f86e0fc1c9ea8421ed7d3eb07149b
94d27b9f3849a156b482312238a51d4aeb3fb9ac63717bc014c2def585328710
GET /wp-content/themes/xo-theme/src/js/vendor/jquery-3.2.1.min.js?ver=1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 06:16:26 GMT
etag: W/"6328093a-15283"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:45 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.711940,VS0,VE249
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 33107
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/tablepress-combined.min.css?ver=3.1675707430
151.101.194.159200 OK 2.6 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/tablepress-combined.min.css?ver=3.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (6129)
Hash 11d255db25d7b657dc82a4a0965585fb
a13760fcd6b56108ea787b7a2de0006bb01553a2
b443777330a72ecd36b6e4c6a83e6a14af4a07506602d7dc658e34b50336d9a3
GET /wp-content/uploads/tablepress-combined.min.css?ver=3.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 20 Jan 2023 11:57:11 GMT
etag: W/"63ca8197-1814"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.692424,VS0,VE361
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2583
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/dollar.svg
151.101.194.159200 OK 716 B URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/dollar.svg
IP 151.101.194.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4fcfde17c45d3d427583fb5e8d3ab249
cb63a5c18fe48d8c4b7dd5116117dce79ab69293
a8991f1ce137201778b1b636818334f89ecbff71c91c1d5aca83e4a5f9a698cd
GET /wp-content/uploads/2021/11/dollar.svg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 30 Nov 2021 07:54:15 GMT
etag: W/"61a5d8a7-561"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.711422,VS0,VE364
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 716
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1.1675707430
151.101.194.159200 OK 274 B URL HTTP/2 crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (409), with no line terminators
Hash d3b523d8e42f3b2f9038cc010417197a
bd74e1d521f5d397c1f4c0b457975bf9f88c7d62
6bdda4f24c661dcbbf129e02dfd57b1d9c80f2e607b1666f5eb3d3969cafa5af
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 22:16:28 GMT
etag: W/"63813ebc-199"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.713914,VS0,VE362
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 274
X-Firefox-Spdy: h2
crossoverhealth.com/wp-includes/css/classic-themes.min.css?ver=1.1675707430
151.101.194.159200 OK 189 B URL HTTP/2 crossoverhealth.com/wp-includes/css/classic-themes.min.css?ver=1.1675707430
IP 151.101.194.159:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-d9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: bexjxigjzy
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.682249,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 189
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.1675707430
151.101.194.159200 OK 3.8 kB URL HTTP/2 crossoverhealth.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (21597)
Hash 5d94e9dfe684d8939b2f38b7c2abf59f
e1904fc25bba9064f96fa5ae1ce08d60d2b5b572
76d520984098e60a0bef8c0d336ca057cce7185d11cedf18c2ec2a10ccea3c2e
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 07 Nov 2022 14:56:40 GMT
etag: W/"63691ca8-545e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.681853,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3802
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1.1675707430
151.101.194.159200 OK 570 B URL HTTP/2 crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (1716), with no line terminators
Hash d4e42e5322ed9ce5da9b6e9153387946
63c73d848204af8dafe4fe0382320e837ac31112
aae5c16ce3429d7df0867349c6ed9d8e374db0155299632959b36343ae741031
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 25 Nov 2022 22:16:28 GMT
etag: W/"63813ebc-6b4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.688801,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 570
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3.1675707430
151.101.194.159200 OK 3.5 kB URL HTTP/2 crossoverhealth.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (17189), with no line terminators
Hash f7a4f567594f58028ac529f71ba0291a
8d956d33197543216b62d01e9da5f3d0f4c3f7df
bfb60df510374c20e712dad501fbde2fc65e371586f30f3d34fd2538deb868d3
GET /wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 16 Aug 2022 09:18:04 GMT
etag: W/"62fb60cc-4325"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.687928,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3485
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70.1675707430
151.101.194.159200 OK 241 B URL HTTP/2 crossoverhealth.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70.1675707430
IP 151.101.194.159:0
Hash 9fd3924a5cbce9668a681fecd90c7bf4
2d1a839353cdc39cfc1e3de811a59d192de0546d
944745b809a1f225427fff1d77c23c7570b86540656fb77430d098cac27c71ed
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 20 Dec 2021 17:59:22 GMT
etag: W/"61c0c47a-176"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.690641,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 241
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.10.0.1675707430
151.101.194.159200 OK 1.8 kB URL HTTP/2 crossoverhealth.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.10.0.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (2186)
Hash 55da403aa47af6a7b1f4eb753dddf4e3
ae64f8b94227c25f48146a8f62a06580276f5829
bbeab656e1ed33a22a960e4c77c1bf01dda774ed6b94f9f48b6c46ec7db61a64
GET /wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.10.0.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 20 Jan 2023 11:54:40 GMT
etag: W/"63ca8100-18a0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.690950,VS0,VE487
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1814
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.71.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.71.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PPRrkNCmvIw313+swN2xPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9rNmjQYafL78MSJUKDBrX4OZeg0=
crossoverhealth.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.10.0.1675707430
151.101.194.159200 OK 9.2 kB URL HTTP/2 crossoverhealth.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.10.0.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (28144), with no line terminators
Hash 3a1bbcf6b9f8ccd323c47f2c2202257a
888277ad1d65214a35534f85f9fd7ecf6bd5897a
33102f235e422b9f77de337c50044c6b6423b39ef4607884da089738d2fc70d3
GET /wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.10.0.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 11:54:40 GMT
etag: W/"63ca8100-6df0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.714648,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9247
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/hideyt-premium/hideyt.js?ver=6.1.1.1675707430
151.101.194.159200 OK 4.6 kB URL HTTP/2 crossoverhealth.com/wp-content/plugins/hideyt-premium/hideyt.js?ver=6.1.1.1675707430
IP 151.101.194.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (381), with CRLF line terminators
Hash 5b052e4673bc241858c83f571ec50479
6e24aae6ee8177b15ff9132370c8622d736eae8e
feccad9ab51ad6b201451a27736f3b87d8795a5238673ab0dd6cfe6cff304b50
GET /wp-content/plugins/hideyt-premium/hideyt.js?ver=6.1.1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 16:31:49 GMT
etag: W/"63a091f5-4626"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.712219,VS0,VE487
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4647
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/smile.svg
151.101.194.159200 OK 762 B URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/smile.svg
IP 151.101.194.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 64f5a9a4df71b2648b367d71ca115c9a
7c04421367c08189763b88a4b219d36c9c85ec25
13f3451d0cffefc06eab769c3e220fe5edd88c377ecb239125531d57c06afc00
GET /wp-content/uploads/2021/11/smile.svg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 30 Nov 2021 07:54:19 GMT
etag: W/"61a5d8ab-60f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.710791,VS0,VE502
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 762
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/12/whatyouget_image2.jpg
151.101.194.159200 OK 36 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/12/whatyouget_image2.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x622, components 3\012- data
Hash 7d5c0c94053286ba35500f1a33b558ef
0322da63a6f8cdedf7c24576ed7ed71db6d68067
6ba528f990e1048318991fb4054448be2581cbaf8caa0a5ebfee814a2d85dc2b
GET /wp-content/uploads/2021/12/whatyouget_image2.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 20 Dec 2021 10:28:04 GMT
etag: W/"61c05ab4-8f2f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.704793,VS0,VE605
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 36464
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Louisville_5-MemberExperience-2738x1825-1-scaled-1-1024x683.jpg
151.101.194.159200 OK 68 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Louisville_5-MemberExperience-2738x1825-1-scaled-1-1024x683.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Hash c28325fa3da879f356a3dc24e3d370ba
21d468f9a8bfd159ee4debebcb085b53598a7a23
2854f221165ceab6cee0d3a74c0e3590fa7a08e00169e771867b1c8706de445f
GET /wp-content/uploads/2021/11/CrossoverHealth-Louisville_5-MemberExperience-2738x1825-1-scaled-1-1024x683.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 18 Dec 2021 19:48:46 GMT
etag: W/"61be3b1e-10a62"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.698492,VS0,VE720
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 67887
X-Firefox-Spdy: h2
crossoverhealth.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1.1675707430
151.101.194.159200 OK 5.5 kB URL HTTP/2 crossoverhealth.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1.1675707430
IP 151.101.194.159:0
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: bexjxigjzy
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.889865,VS0,VE555
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-DFW_Duncanville_1-MemberExperience-4789x3193-1-1024x683.jpg
151.101.194.159200 OK 108 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-DFW_Duncanville_1-MemberExperience-4789x3193-1-1024x683.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 150x150, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 5D Mark II, xresolution=162, yresolution=170, resolutionunit=3, software=Adobe Photoshop Lightroom Classic 10.0 (Windows), datetime=2020:12:02 06:41:11], baseline, precision 8, 1024x683, components 3\012- data
Size 108 kB (108254 bytes)
Hash 7976d95ebc57f7ca32d7d4079f18b123
cc0b5c15a8a18fe3b922023c03a3382fa91bacd5
50007e93b1f09818300589fb3e934ff071041eeb95bf522abeaed309dddf3dad
GET /wp-content/uploads/2021/11/CrossoverHealth-DFW_Duncanville_1-MemberExperience-4789x3193-1-1024x683.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 20 Dec 2021 11:38:00 GMT
etag: W/"61c06b18-1d686"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.703477,VS0,VE720
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 108254
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.14.1675707430
151.101.194.159200 OK 150 B URL HTTP/2 crossoverhealth.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.14.1675707430
IP 151.101.194.159:0
Hash ec3f755ce1949936c778aa7faeec7da6
108056dea5b81062f1186526c2f4c0b5e10f7272
49160eef4b976d9463b9d290e8ac083ccda727c6f97aad5e292b1c4ae654f125
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.14.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 22:16:27 GMT
etag: W/"63813ebb-e2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.712114,VS0,VE756
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 150
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Tolleson_1-MemberExperience-3464x2309-1-scaled-1-1024x683.jpg
151.101.194.159200 OK 88 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Tolleson_1-MemberExperience-3464x2309-1-scaled-1-1024x683.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Hash 4f4a9dfe4639bd00e4067760f82d8048
036f720d7cb3eeabb7b7b299125b97c3e4b8ee2a
5c40477f307a7ae1fa85c27128dbe93f1ffb564bd1ac9198764d8fc71f2ec10a
GET /wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Tolleson_1-MemberExperience-3464x2309-1-scaled-1-1024x683.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 18 Dec 2021 19:49:13 GMT
etag: W/"61be3b39-1598c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.703141,VS0,VE730
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 88208
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2022/03/virtual_side_by_side.png
151.101.194.159200 OK 142 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2022/03/virtual_side_by_side.png
IP 151.101.194.159:0
File type PNG image data, 1020 x 600, 8-bit colormap, non-interlaced\012- data
Size 142 kB (141901 bytes)
Hash e89d113316105e15509c2ff6f2770df2
bc55c4a2d079b0f431f1fb8cc710f1b093c9696b
59a538b0824f41a56f69675b489d87cb899f63f7be5fabdf42e3aab0dc84a92d
GET /wp-content/uploads/2022/03/virtual_side_by_side.png HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 21 Mar 2022 23:00:26 GMT
etag: W/"6239038a-230b6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.711789,VS0,VE843
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 141901
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/12/CrossoverHealth-DFW_Grapevine_1-MemberExperience-1920x1280-1-1024x683.jpeg
151.101.194.159200 OK 67 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/12/CrossoverHealth-DFW_Grapevine_1-MemberExperience-1920x1280-1-1024x683.jpeg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Hash 943a8a1043b76415316712511ee84353
8937c4c956c4e4b9a7e692bbb93a2f19e7cf4530
765517363241d4ae097d178d8739ea71db317349383167ef16e112e58bf4a8e9
GET /wp-content/uploads/2021/12/CrossoverHealth-DFW_Grapevine_1-MemberExperience-1920x1280-1-1024x683.jpeg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 20 Dec 2021 13:40:52 GMT
etag: W/"61c087e4-10892"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.703924,VS0,VE993
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 67207
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/12/CrossoverHealth-DFW_Highcrest_1-MemberExperience-1920x1281-1-1024x683.jpeg
151.101.194.159200 OK 73 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/12/CrossoverHealth-DFW_Highcrest_1-MemberExperience-1920x1281-1-1024x683.jpeg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Hash 78e2bd7ae45e8afaced6f6f81a56a33f
2e36a79e388a99fef145a5b08e3ff4fbf0e95112
06dbfe6897fa322501a2c89a00edae80cb7a9b15e2b5f68a541eacde13c19a74
GET /wp-content/uploads/2021/12/CrossoverHealth-DFW_Highcrest_1-MemberExperience-1920x1281-1-1024x683.jpeg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 20 Dec 2021 13:43:32 GMT
etag: W/"61c08884-11f8a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.705097,VS0,VE998
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 73339
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Maryvale_2-MemberExperience-3467x2307-1-scaled-1-1024x681.jpg
151.101.194.159200 OK 99 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Maryvale_2-MemberExperience-3467x2307-1-scaled-1-1024x681.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x681, components 3\012- data
Hash df259aedeb44f0c1352791d3ef53932c
5868dc17b8197170148470e9a930b0d72e019ece
2a4f7f23eb49614451200f6e6cecc1b56cf306004ccf69a9ee758b5ac066adbb
GET /wp-content/uploads/2021/11/CrossoverHealth-Phoenix_Maryvale_2-MemberExperience-3467x2307-1-scaled-1-1024x681.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 18 Dec 2021 19:49:32 GMT
etag: W/"61be3b4c-18275"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.710640,VS0,VE1108
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 98823
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18230
Expires: Tue, 07 Feb 2023 00:21:37 GMT
Date: Mon, 06 Feb 2023 19:17:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18230
Expires: Tue, 07 Feb 2023 00:21:37 GMT
Date: Mon, 06 Feb 2023 19:17:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18230
Expires: Tue, 07 Feb 2023 00:21:37 GMT
Date: Mon, 06 Feb 2023 19:17:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 77264
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 77264
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 77258
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 77031
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:39 GMT
age: 75848
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 77264
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/themes/xo-theme/build/bundle.js?ver=6.1.1.1675707430
151.101.194.159200 OK 429 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/build/bundle.js?ver=6.1.1.1675707430
IP 151.101.194.159:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (309)
Size 429 kB (429027 bytes)
Hash 1dfbdf5ca5d8df2677799c10e616c09f
d967abbd40da2d0bd0542f0f9bf155c362cf919d
5afd11d4b54a92f05345b6980e7e95ca5deb3fe82f92cb90fa1904d51348387b
GET /wp-content/themes/xo-theme/build/bundle.js?ver=6.1.1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 08:46:55 GMT
etag: W/"63c11a7f-1ce722"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.715772,VS0,VE982
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 429027
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430
151.101.194.159200 OK 644 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430
IP 151.101.194.159:0
File type Unicode text, UTF-8 text, with very long lines (1654), with CRLF, LF line terminators
Size 644 kB (643569 bytes)
Hash 62439c5871394779d6ff43032d4d813e
ce609607e326803bb229e51c33dcaf63d133c6f7
82cf6f6860e384669242dacdfd7e1cb335a7558e91603af42d46e32138fa2625
GET /wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 13 Jan 2023 09:02:16 GMT
etag: W/"63c11e18-32dd0d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:46 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711066.692203,VS0,VE1101
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 643569
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8a8877498ba0251db74426b3f870214f
74fec8c2f629deb1dbe941f7333f3fd386edd201
130db20b1830cc3475d18ab8e41e15f030e9096808a977d4470137252088bedc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5933
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:47 GMT
Last-Modified: Mon, 06 Feb 2023 17:38:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Bold/Agipo-Bold.woff2
151.101.194.159200 OK 39 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Bold/Agipo-Bold.woff2
IP 151.101.194.159:0
File type Web Open Font Format (Version 2), TrueType, length 39068, version 1.0\012- data
Hash e9f7717f2f22cd9af827a6740521a0a3
bd0ca6173549d85fe3c6730fa7af6cf24f21cd2a
efaa3e8166cbdd1af86ef980c55b1546ae99ea0f68b0dfcf11f61166831d5505
GET /wp-content/themes/xo-theme/src/fonts/Agipo-Bold/Agipo-Bold.woff2 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crossoverhealth.com/wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Mon, 19 Sep 2022 06:16:33 GMT
etag: "63280941-989c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675711068.008993,VS0,VE3
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 39068
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Regular/Agipo-Regular.woff2
151.101.194.159200 OK 40 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Regular/Agipo-Regular.woff2
IP 151.101.194.159:0
File type Web Open Font Format (Version 2), TrueType, length 40160, version 1.0\012- data
Hash 42a19f758e44d5d67291ad994a4fc2dd
dc43f883535cc1fa880343e9ce027f3875440665
47728dfa2a0f3f2d0e9d5ee0eb96201e17d7bc9aba3a9467e4ffadb3ffd7de35
GET /wp-content/themes/xo-theme/src/fonts/Agipo-Regular/Agipo-Regular.woff2 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crossoverhealth.com/wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Mon, 19 Sep 2022 06:16:31 GMT
etag: "6328093f-9ce0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675711068.010464,VS0,VE19
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 40160
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8a8877498ba0251db74426b3f870214f
74fec8c2f629deb1dbe941f7333f3fd386edd201
130db20b1830cc3475d18ab8e41e15f030e9096808a977d4470137252088bedc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5934
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Last-Modified: Mon, 06 Feb 2023 17:38:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
IP 142.250.74.131:0
Hash 0b841c219a01554ecfb3e5ce07493175
54a8b3aa555dc874ae2adbd88c3ab3031cdb1b92
ddd7acd5f42248ce61b547a0853249e6216f21e0a029df4023342fa71928b38a
POST /s/gts1p5/mr4XpjX7o8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
munchkin.marketo.net/munchkin.js
88.221.99.189200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Feb 2023 19:17:48 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
tags.tiqcdn.com/utag/crossover/main/prod/utag.js
2.18.173.203200 OK 9.9 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.js
IP 2.18.173.203:0
File type HTML document, ASCII text, with very long lines (12935)
Hash 730eab0257ab38a1f98805744d3f5cb2
c6c971a6d8bf0704c1eb05c28049180b81ff621c
8c6033f406385370e9e7b573014e555c3c05612deabca3cbc9278bbce660d7c7
GET /utag/crossover/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2636c3ce0c27da28d337b155ff3043db:1675095829.07023"
last-modified: Mon, 30 Jan 2023 16:23:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 06 Feb 2023 19:22:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 9928
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Light/AgipoLight-Regular.woff2
151.101.194.159200 OK 34 kB URL HTTP/2 crossoverhealth.com/wp-content/themes/xo-theme/src/fonts/Agipo-Light/AgipoLight-Regular.woff2
IP 151.101.194.159:0
File type Web Open Font Format (Version 2), TrueType, length 34436, version 1.0\012- data
Hash 707dd57dee94877c032f532389030c79
39c83eeff071dc9de7fcdf8deb18e5ee24c400e2
81773a2a795c62ba55d317311155e6ac390c55ce5e8155dfe5011b7fd165f555
GET /wp-content/themes/xo-theme/src/fonts/Agipo-Light/AgipoLight-Regular.woff2 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crossoverhealth.com/wp-content/themes/xo-theme/build/main.css?ver=6.1.1.1675707430
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Mon, 19 Sep 2022 06:16:31 GMT
etag: "6328093f-8684"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711068.024846,VS0,VE129
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34436
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.13.js?utv=ut4.48.202212281656
2.18.173.203200 OK 5.6 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.13.js?utv=ut4.48.202212281656
IP 2.18.173.203:0
File type ASCII text, with very long lines (1253)
Hash 6e93f050e2ae9e88717f8021e3a4ecb1
3717e7cfd54697b1a77bc77e5b824c2bae02c2ed
4d9c4a942234f4a95cd633c8876d3dba8d0d9027433f1498f20a9cd272a02339
GET /utag/crossover/main/prod/utag.13.js?utv=ut4.48.202212281656 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8e5dc3cb5582f897b7ae146ff34e615f:1660827022.898945"
last-modified: Thu, 18 Aug 2022 12:50:22 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 5552
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.2.js?utv=ut4.48.202212281757
2.18.173.203200 OK 5.9 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.2.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (2761)
Hash 7bddcf7f6bd2b543e3b38f9d7489af9d
f757e1aeaa3c0f4296a6471b0cfa5683d72b3298
687cadfc05e985b4aa59b14ebc57d9e8ca9e245a6db69977f7d05ba482d33ce4
GET /utag/crossover/main/prod/utag.2.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "091d310adf07f88ac6c7dbae7575e247:1660827023.143456"
last-modified: Thu, 18 Aug 2022 12:50:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 5928
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.3.js?utv=ut4.48.202212281757
2.18.173.203200 OK 4.6 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.3.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (5823)
Hash 88d717fa70e2289ba7140985e0b66199
f2419cd151adc74eecbaabac4cee989b0d0f56c3
e61a3db9f530774a8e5c2690548783d4623de30d4ec56bbbf185b5c11b5e1913
GET /utag/crossover/main/prod/utag.3.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "3a7ebe4a090d8858d73c0cef360d872b:1666645817.120985"
last-modified: Mon, 24 Oct 2022 21:10:17 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 4579
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.5.js?utv=ut4.48.202212281757
2.18.173.203200 OK 1.8 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.5.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (1117)
Hash d1c0176794a230855d7a20b04ab35510
d045ecf64cb93826e7f75025a188852c56586408
307f0729ed3f56e5778b8b5d7ee4059a1ebc57f4f0f8655d1b1ac8aeab6dfe5c
GET /utag/crossover/main/prod/utag.5.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "5787545ae4076d0144976d449fae3799:1666645816.409757"
last-modified: Mon, 24 Oct 2022 21:10:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 1781
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.4.js?utv=ut4.48.202212281757
2.18.173.203200 OK 1.8 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.4.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (1117)
Hash b13d944b475af21cef70b5e71ac4f81f
af023b87cda9e6e5f502b02965b49beacc0ab957
8c91272604deb9e0aa091d26012246f12b189f48c12188b62d5adbc8ceb11fce
GET /utag/crossover/main/prod/utag.4.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bc2f04c79d839769b49a73547b196a55:1666645815.716883"
last-modified: Mon, 24 Oct 2022 21:10:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 1779
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.1.js?utv=ut4.48.202212281757
2.18.173.203200 OK 7.0 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.1.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (2654)
Hash ee2a8d769cb9ffb05ea3a97063394a9c
97d8036816e255bbba71722bfc40a71d6df01432
ccd80faff53ab74bd22e2da4e52965613b48e38eb2fdae1ee9003d604400ba4d
GET /utag/crossover/main/prod/utag.1.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "5c2ffb552384d122810210b9ffff7181:1666645816.225478"
last-modified: Mon, 24 Oct 2022 21:10:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 7023
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.6.js?utv=ut4.48.202212281757
2.18.173.203200 OK 3.6 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.6.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (1579)
Hash 601fb7d4d743e26c37e488e3f604a1bf
4e5aaf64d8cab0949a5a9ec3eb2b5aed9b6cac42
9285aa1d2ac6327340bead8cdf5300240c045b1885d8d306a2fac44c1017dc01
GET /utag/crossover/main/prod/utag.6.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f085c6d3707e5e1d93f7a5c3a98a4b38:1666645815.992157"
last-modified: Mon, 24 Oct 2022 21:10:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 3587
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.8.js?utv=ut4.48.202212281757
2.18.173.203200 OK 7.0 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.8.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (2654)
Hash 1e30a5f457ef4b6b423a378d0b740b9c
4814628881c1daa6c9e6f474d9269f61870b5e4b
30614863bf3b555c8a23394261da5500792e2105f7c458d41a65a2633b2188e6
GET /utag/crossover/main/prod/utag.8.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "fef20fb39d00993f06294aa8c2787386:1666645817.305317"
last-modified: Mon, 24 Oct 2022 21:10:17 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 7023
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/crossover/main/prod/utag.11.js?utv=ut4.48.202212281757
2.18.173.203200 OK 5.9 kB URL HTTP/2 tags.tiqcdn.com/utag/crossover/main/prod/utag.11.js?utv=ut4.48.202212281757
IP 2.18.173.203:0
File type ASCII text, with very long lines (2761)
Hash 9b4efb4e3ede0b401482b219b37c5419
8bad2ad5d3413774c06ed8fdda45efdcc2e28065
937db688d9d7cf89d1270e14a0afca76cb5c1dfc21507c0c50d1f21979d7aa0c
GET /utag/crossover/main/prod/utag.11.js?utv=ut4.48.202212281757 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "28d59a370e270c2b99af3ec90ef3432b:1666645816.590877"
last-modified: Mon, 24 Oct 2022 21:10:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Tue, 21 Feb 2023 19:17:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 5906
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/12/0X3A8647.jpg
151.101.194.159200 OK 81 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/12/0X3A8647.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1080, components 3\012- data
Hash 97c48fa8b811d734fc35a146f1b7adbb
36461e2b2a04b12862097b18867b9e188e442cc9
910fcd8029a93180f4fac706bda3ad64f16f5cb97647ef764fad8a50b88dd916
GET /wp-content/uploads/2021/12/0X3A8647.jpg HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 20 Dec 2021 08:37:31 GMT
etag: W/"61c040cb-13cf1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711068.115364,VS0,VE246
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 80878
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=crossover/main/202301301623&cb=1675711114767
2.18.173.203200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=crossover/main/202301301623&cb=1675711114767
IP 2.18.173.203:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=crossover/main/202301301623&cb=1675711114767 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
unused62: 8096267
cache-control: max-age=600
expires: Mon, 06 Feb 2023 19:27:48 GMT
date: Mon, 06 Feb 2023 19:17:48 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-4038654-27
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-4038654-27
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash b5af801f1fd5ccb2fbc6a5262c722fc5
a49e8ee511cbc29ba5733fdd7bab024e1666e25d
14bd368fb49d74463c8db5268a60c383cc644dda02e8ced7757639d834f01357
GET /gtag/js?id=UA-4038654-27 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 19:17:48 GMT
expires: Mon, 06 Feb 2023 19:17:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 4b3a492adca89d4720fbb112cb7416e0
ac2254c7d449ebf5eac9a926cec2178f52f3e3c0
1cb496b2ab0c24cb92f0877d64cdf1539d1d4091cd1b27de6aafbc6417cb54f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 19:17:48 GMT
Last-Modified: Mon, 06 Feb 2023 18:17:54 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oOS7U8XZSq4bhC4uuyAuzMnaqqK4kSEq_V7A2UMlyFfuuz1ETmQ8Fw==
Age: 3594
collect.tealiumiq.com/crossover/main/2/i.gif
52.29.141.34200 OK 43 B URL HTTP/2 collect.tealiumiq.com/crossover/main/2/i.gif
IP 52.29.141.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
POST /crossover/main/2/i.gif HTTP/1.1
Host: collect.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------126823258621050354642469322994
Content-Length: 4795
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:48 GMT
content-type: image/gif
content-length: 43
x-acc: crossover:main:2:datacloud
x-did: 0186282a6d300019feee5a8555e700050001c00900918
x-region: eu-central-1
access-control-allow-origin: https://crossoverhealth.com
x-serverid: uconnect_i-0472ae3fa77ad46e1
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-tid: 0186282a6d300019feee5a8555e700050001c00900918
access-control-allow-credentials: true
x-ulver: c28c71d4469dc19e2266494ea49c6a5bf79d0a4d-SNAPSHOT
vary: Origin
expires: Mon, 06 Feb 2023 19:17:48 GMT
x-uuid: 31460a85-f971-4052-b240-1cb57afd1d8a
set-cookie: TAPID=crossover/main>0186282a6d300019feee5a8555e700050001c00900918|; Path=/; Domain=.tealiumiq.com; Expires=Tue, 06-Feb-2024 19:17:48 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
munchkin.marketo.net/162/munchkin.js
88.221.99.189200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Wed, 17 May 2023 19:17:48 GMT
Date: Mon, 06 Feb 2023 19:17:48 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.48200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=58831
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Last-Modified: Mon, 06 Feb 2023 17:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0/EfkiRdhs/op9bSSRqeMIk8ee9VG3aLhN/nPcsyfvVNaqaWAw/VsN72Vq8dXKiXUo21P+4yntF3op7AIfOV7g==
content-length: 27843
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 19:17:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crossoverhealth.com/wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-32x32.png
151.101.194.159200 OK 864 B URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-32x32.png
IP 151.101.194.159:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 54786572e65b4ff8946156d82f62a013
9ebf6a417cdbd84654dcdd49d77446aff0439374
b39f5a66dc099a7f9be8faaa9d7cdf0595112c4ee947cfb883f94a9165d383d6
GET /wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-32x32.png HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Cookie: utag_main=v_id:0186282a6d300019feee5a8555e700050001c00900918$_sn:1$_se:1$_ss:1$_st:1675712914545$ses_id:1675711114545%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session; wp-wpml_current_language=en; _gcl_au=1.1.403325880.1675711115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 16 Dec 2021 22:37:14 GMT
etag: W/"61bbbf9a-349"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711069.808034,VS0,VE124
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 864
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10794034935/?random=1675711115025&cv=11&fst=1675711115025&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&did=dYmQxMT&gdid=dYmQxMT&auid=403325880.1675711115&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.226200 OK 873 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10794034935/?random=1675711115025&cv=11&fst=1675711115025&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&did=dYmQxMT&gdid=dYmQxMT&auid=403325880.1675711115&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1851), with no line terminators
Hash 521936d7d923193db91bd73244a055db
983070ae0a6c1db6a0aace57686d477e53e3a300
3d57886b8f4c19ea48245a4c51cd497d09fbc5659e9672fc63258208a4d845a6
GET /pagead/viewthroughconversion/10794034935/?random=1675711115025&cv=11&fst=1675711115025&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&did=dYmQxMT&gdid=dYmQxMT&auid=403325880.1675711115&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 19:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 873
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 19:32:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyD1XWop19oaDYhGa7wl7jHXTa76xL6v3YM&libraries=places,geometry
142.250.74.10200 OK 59 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyD1XWop19oaDYhGa7wl7jHXTa76xL6v3YM&libraries=places,geometry
IP 142.250.74.10:0
File type ASCII text, with very long lines (2470)
Hash 9dcbedba6d15be9c279c1176baff9dc2
7635a3f716c6705959c4ccdd6dead49e0aa7b20c
d9ee679cc75324c33684f911ee38476dd8561d9fe91d56d80c18b7126fb51459
GET /maps/api/js?key=AIzaSyD1XWop19oaDYhGa7wl7jHXTa76xL6v3YM&libraries=places,geometry HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 06 Feb 2023 19:17:48 GMT
expires: Mon, 06 Feb 2023 19:47:48 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 58678
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Last-Modified: Mon, 06 Feb 2023 17:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1&z=1906883037
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1&z=1906883037
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1&z=1906883037 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 19:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4320713%26time%3D1675711115145%26url%3Dhttps%253A%252F%252Fcrossoverhealth.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLC79vbW6WDSgAAAYYoKbs2v9c4qd3AzeL84C7TU2LFt4lI3NWuH9pM-menXCwGsDXb9JDWCsPmaA; Max-Age=2592000; Expires=Wed, 08 Mar 2023 19:17:48 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQI-JYlFC2gfaAAAAYYoKbs34AM_a2iotWjio48nO-d0OKbAxxtT6zkaobcckqUWY__RzmOBofITF-7UCkEoSQ; Max-Age=2592000; Expires=Wed, 08 Mar 2023 19:17:48 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&965703e6-9029-4f31-8fec-be2963613ee5"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 06-Feb-2024 19:17:48 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675711068:t=1675797468:v=2:sig=AQEH61laiN_arINozGjR3kgbnNryLnqC"; Expires=Tue, 07 Feb 2023 19:17:48 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAX0DOMDLVeu+ADmziJLYA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7180B2CD821A403DA98EA03F03F39AD7 Ref B: OSL30EDGE0512 Ref C: 2023-02-06T19:17:48Z
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 0
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wDwr_jDqUbSk7d5VtKM-NkU9ZdZDMrlC5dThkqljaf8-5hEKqJoSMA==
age: 281263
X-Firefox-Spdy: h2
script.hotjar.com/modules.bca0d1c28285412bb689.js
143.204.55.46200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.bca0d1c28285412bb689.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (49086)
Hash e923aa360dc485b9df86355bd040c998
03c46dbd41e9d4bdf8a9e4bfbaba3f7f2e9280ec
9c7575553c5b81f9b905dbb27c8116b175b69e7472aa6597f8cace1c6434d676
GET /modules.bca0d1c28285412bb689.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67924
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e923aa360dc485b9df86355bd040c998"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hsYy_XmlTi8ktYaTJPkfhFr4_UW4IAhk7W5nf9Ia6Z68hnMnS5k9OQ==
age: 281263
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10794034935/?random=1675711115025&cv=11&fst=1675710000000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2316139539&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10794034935/?random=1675711115025&cv=11&fst=1675710000000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2316139539&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10794034935/?random=1675711115025&cv=11&fst=1675710000000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrossoverhealth.com%2F&tiba=Crossover%20Health&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2316139539&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 19:17:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.10200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.10:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Feb 2023 19:17:49 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://crossoverhealth.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1e749c14b7f42310f96620f5ce6a7f6d
6a3fa9f54eadbdd22bae934fdc5a53865eafa736
ca7e6ec73ef92afffbf44dca1d9580d183e8d7a9c888939df334d6a663ca0c78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6376
Cache-Control: max-age=156196
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:49 GMT
Etag: "63e0f899-1d7"
Expires: Wed, 08 Feb 2023 14:41:05 GMT
Last-Modified: Mon, 06 Feb 2023 12:54:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4320713%26time%3D1675711115145%26url%3Dhttps%253A%252F%252Fcrossoverhealth.com%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4320713%26time%3D1675711115145%26url%3Dhttps%253A%252F%252Fcrossoverhealth.com%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4320713%26time%3D1675711115145%26url%3Dhttps%253A%252F%252Fcrossoverhealth.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&9ca8af1e-9220-4b88-8414-07b17193918b"; Domain=.linkedin.com; Expires=Tue, 06-Feb-2024 19:17:49 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202302061917490d7d8473-ff1a-421b-8a35-04bcfbc824e7AQHagf71ISz410qyI73H70cvyJBlQkD4"; Domain=.www.linkedin.com; Expires=Tue, 06-Feb-2024 19:17:49 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzU3MTEwNjk7MjswMjEFvsOyKJm4JqTzI6nr7uw247v9olgqT1xbm5VOi1ZRkQ==; Domain=.linkedin.com; Expires=Sat, 05 Aug 2023 19:17:49 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675711069:t=1675797469:v=2:sig=AQGaEXLD2LcKasYIet0xWcWxV1P6wzon"; Expires=Tue, 07 Feb 2023 19:17:49 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy-report-only: default-src 'none'; base-uri 'self'; form-action 'self'; connect-src 'self' blob: wss: *.licdn.com *.linkedin.com; img-src 'self' blob: data: *.licdn.com *.linkedin.com; font-src data: *; frame-src 'self' blob: lnkd-communities: voyager: *.licdn.com *.linkedin.com; child-src 'self' blob:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.licdn.com *.linkedin.com; media-src 'self' blob: data: *.licdn.com *.linkedin.com; manifest-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' *.licdn.com *.linkedin.com
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX0DOMFygOfWlp1yDHr+g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4DB6AB94E4CE4EDCB0717C1AD7A7DFD8 Ref B: OSL30EDGE0512 Ref C: 2023-02-06T19:17:49Z
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 0
X-Firefox-Spdy: h2
crossoverhealth.com/wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-192x192.png
151.101.194.159200 OK 7.8 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-192x192.png
IP 151.101.194.159:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f3ed962040a85f1fc980abe20361400c
f834d0bf3178d9655e39b11a074f486595a5c29c
dd82f75a7163f18bf2e30044ea0ee62b00c8e1334fa3ec5b75ca7975bc45d93e
GET /wp-content/uploads/2021/08/cropped-cropped-cropped-fav.-1-192x192.png HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Cookie: utag_main=v_id:0186282a6d300019feee5a8555e700050001c00900918$_sn:1$_se:1$_ss:1$_st:1675712914545$ses_id:1675711114545%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session; wp-wpml_current_language=en; _gcl_au=1.1.403325880.1675711115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 16 Dec 2021 22:50:11 GMT
etag: W/"61bbc2a3-1ede"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 06 Feb 2023 19:17:49 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675711069.807250,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7818
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 29af19f4d35dda344776c6f6db66c235
164bc64453a7e1e9c960982ff07d116ccf11434f
64ead99aef7098e547907e17edee7de198173e5951a82f91a038a562b50d1486
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164634
Date: Mon, 06 Feb 2023 19:17:49 GMT
Etag: "63e11bdf-1d7"
Expires: Wed, 08 Feb 2023 17:01:43 GMT
Last-Modified: Mon, 06 Feb 2023 15:25:19 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yt7L7eIGnnVbeJ6j04nVzuEHB2ck0Y9WMU8ecKNsBwLnFWoJlmnYHA==
Age: 5784
crossoverhealth.com/wp-content/uploads/2022/03/HomePage_Hero_V2_compressed.mp4
151.101.194.159206 Partial Content 16 kB URL HTTP/2 crossoverhealth.com/wp-content/uploads/2022/03/HomePage_Hero_V2_compressed.mp4
IP 151.101.194.159:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash 1a7d6c992e98545bc6c821168bb07755
036c3a40ef07807572163ba0aca5cd9a8bd92801
3b914a41494cfe09d81450f86d44bfd538e8f7c50343496e51c9c136f464d42d
GET /wp-content/uploads/2022/03/HomePage_Hero_V2_compressed.mp4 HTTP/1.1
Host: crossoverhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://crossoverhealth.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Mon, 21 Mar 2022 23:07:49 GMT
etag: "62390545-871579"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: bexjxigjzy
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
content-range: bytes 0-8852856/8852857
date: Mon, 06 Feb 2023 19:17:48 GMT
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1675711068.114120,VS0,VE2
vary: Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 8852857
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-5801HJG2QB>m=45je3210&_p=891029146&_gaz=1&cid=1401588448.1675711115&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675711115&sct=1&seg=0&dl=https%3A%2F%2Fcrossoverhealth.com%2F&dt=Crossover%20Health&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-5801HJG2QB>m=45je3210&_p=891029146&_gaz=1&cid=1401588448.1675711115&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675711115&sct=1&seg=0&dl=https%3A%2F%2Fcrossoverhealth.com%2F&dt=Crossover%20Health&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5801HJG2QB>m=45je3210&_p=891029146&_gaz=1&cid=1401588448.1675711115&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675711115&sct=1&seg=0&dl=https%3A%2F%2Fcrossoverhealth.com%2F&dt=Crossover%20Health&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://crossoverhealth.com
date: Mon, 06 Feb 2023 19:17:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1
64.233.161.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1
IP 64.233.161.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5801HJG2QB&cid=1401588448.1675711115>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://crossoverhealth.com
date: Mon, 06 Feb 2023 19:17:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2362886/visit-data?sv=6
54.77.9.108200 OK 95 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2362886/visit-data?sv=6
IP 54.77.9.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 039d32f7359c34eee13f02bae640eff7
7550a24e404da6c533fa8597113eec17a6d55f4c
1874a3ed03bfe4289ca3a8cc3c495a498033ddb248a6fbdcdce02e70065eca54
POST /api/v2/client/sites/2362886/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:49 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4320713&time=1675711115145&url=https%3A%2F%2Fcrossoverhealth.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&508a6589-23ae-4bef-8367-468667e7f631"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 06-Feb-2024 19:17:49 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675711069:t=1675797469:v=2:sig=AQGaEXLD2LcKasYIet0xWcWxV1P6wzon"; Expires=Tue, 07 Feb 2023 19:17:49 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX0DOMKVruUlnzEJR2ngw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 876CE3E8EC8E46C6A0C696AE4FD77550 Ref B: OSL30EDGE0512 Ref C: 2023-02-06T19:17:49Z
date: Mon, 06 Feb 2023 19:17:48 GMT
content-length: 0
X-Firefox-Spdy: h2
ws44.hotjar.com/api/v2/client/ws
18.203.19.157101 Switching Protocols 0 B URL HTTP/1.1 ws44.hotjar.com/api/v2/client/ws
IP 18.203.19.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws44.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://crossoverhealth.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gIL8xS2nVAYA640VlGJaGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 06 Feb 2023 19:17:49 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: seCnfPbqxCJO5hFRZ7UI10IGBmA=
Sec-WebSocket-Extensions: permessage-deflate
acsbapp.com/apps/app/dist/js/app.js
104.22.1.204200 OK 171 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 104.22.1.204:0
File type Unicode text, UTF-8 text, with very long lines (59672), with no line terminators
Size 171 kB (171016 bytes)
Hash 048217762ff36d4bb24670e8b9b22c28
a6a1c9cd8ed8bbbac216cd7f0325e6761872d680
31021ba4a1062b61d411a8b7ae82f77b3ffe34b9af0db5fa954bdd4a92760789
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:48 GMT
content-type: application/x-javascript
cache-control: max-age=432000 public
expires: Tue, 07 Feb 2023 19:17:48 GMT
last-modified: Mon, 06 Feb 2023 14:58:04 GMT
etag: W/"6bca9-63e1157c-2161255fa7e6048d;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
cf-ray: 79563a602e4fb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/en.build.json
104.22.0.204200 OK 30 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 104.22.0.204:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash b54403b301440fd58c6484e8dd41e7a8
8cb914cb339cc7dc48612ffbcd070a7ad0b26d5d
e1176917bdad3506b3ca01e2bc048542868897dc809e1f8e8962ed32e1802e00
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:49 GMT
content-type: application/json
cache-control: max-age=432000 public
expires: Tue, 07 Feb 2023 19:17:49 GMT
last-modified: Mon, 06 Feb 2023 14:59:03 GMT
etag: W/"3bb7f-63e115b7-57a3d92ae62a0d39;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79563a6809f3fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash efc37c3cf2eae8a995df88c6cd08e2b1
c5c3c87d8ca48dccf5d63f766d9ee0c89c4673d1
f7262727e8f18b1ad932fd9bb4a521684a96dfca1fdfc2ef3aa0e9d3aa585439
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6432
Cache-Control: max-age=169206
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:50 GMT
Etag: "63e12b34-2d7"
Expires: Wed, 08 Feb 2023 18:17:56 GMT
Last-Modified: Mon, 06 Feb 2023 16:30:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 727
static.hotjar.com/c/hotjar-2362886.js?sv=6
54.230.111.8200 OK 3.6 kB URL HTTP/2 static.hotjar.com/c/hotjar-2362886.js?sv=6
IP 54.230.111.8:0
File type ASCII text, with very long lines (7460)
Hash 7f0f8fee690c83785a7ce4c5281fcfe0
f2adc0c298b9368b5b09df3f25d680e07059aade
f4d42167fc6f4c5ef6d3be52ae35fc7a020069202b648855a2cd5d70c571564f
GET /c/hotjar-2362886.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 06 Feb 2023 19:17:48 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/71ba84619222fc889a6b96b9e85e2467
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gD_DzABSvQ89HD2Tqj8_EHSM2kZLdUG9OnpU8CxCOdNCiE4PP5ZmTA==
X-Firefox-Spdy: h2
web1.acsbapp.com/apps/app/dist/media/logomono.svg
138.128.247.123200 OK 1.2 kB URL HTTP/2 web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP 138.128.247.123:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 06 Feb 2024 19:17:50 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Mon, 06 Feb 2023 19:17:50 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
143.204.55.113200 OK 327 B IP 143.204.55.113:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 2daa9b8f974a64dadfb899d6b88c866b
2f0ed01773451d8013bca78cc04b2a05d046a300
c170159ff8774bfaaf90ffb7327f527fd9a4387f81a67ce5593ba6b644d03cc6
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 327
last-modified: Mon, 06 Feb 2023 12:10:35 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 19:17:13 GMT
cache-control: max-age=120, s-maxage=120, public
etag: "2daa9b8f974a64dadfb899d6b88c866b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hOVQVLti7py9ZyDrqg0ozky5UPtFT1JOWzkAZrWpg6wxQ9flerD0iQ==
age: 38
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.df61c9e9.js
143.204.55.113200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.df61c9e9.js
IP 143.204.55.113:0
File type ASCII text, with very long lines (64231), with no line terminators
Hash ec4b5e43c72431b1288a8bad8d16351d
7275afeb9cdcaff83f5b39a6907f93c9bd9f0a8d
aaf4b2f0fa80adad7166f22278e5e7a63d005800ac816df7ca4802ae06e91c1f
GET /static/js/vendor.df61c9e9.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22208
last-modified: Thu, 02 Feb 2023 17:06:58 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 18:06:44 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "ec4b5e43c72431b1288a8bad8d16351d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J-GMa60pWTeOuFHbasvKxxukzrtV36a1oBRZWx2dACkN3gFeSAn74g==
age: 4267
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.9e1578ca.js
143.204.55.113200 OK 9.6 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.9e1578ca.js
IP 143.204.55.113:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24423)
Hash daa31355fccebc09900e261285ea8bc2
d7092c70faf495c67fead9b62539baa6cb889420
c468b5fabc3ca81dd5b93ca9ce0d48e84be17501b114621ba110f5136473c01c
GET /static/js/main.9e1578ca.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9550
last-modified: Mon, 06 Feb 2023 12:10:35 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 18:12:24 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "daa31355fccebc09900e261285ea8bc2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PqN8Nh2Nv2Mb2SRAlEISxiB-E8jdNlVBSjJDaG3X9wOfxhhyUx3Pnw==
age: 3927
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da
54.230.245.175200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da
IP 54.230.245.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://crossoverhealth.com/
Origin: https://crossoverhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Mon, 06 Feb 2023 19:17:50 GMT
access-control-allow-origin: https://crossoverhealth.com
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i3VqZPm8tyhVmS0YInB8z0Qcr7Zz3XMZCyu7GgT7IQL_4Gz-HS25Ag==
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/full-beacon-init.2cadc269.chunk.js
143.204.55.113200 OK 104 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.2cadc269.chunk.js
IP 143.204.55.113:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 104 kB (103919 bytes)
Hash de7f75c901490c152e5daec6127186b9
19600af12a8bde129be604a6bd23f4dbb00caec4
719b5fe4e2e130e3646b48cba82b8c1d4cec90387a5b73964ff0cd3a3fe03bf5
GET /static/js/full-beacon-init.2cadc269.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 103919
last-modified: Mon, 06 Feb 2023 12:10:35 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 18:12:24 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "de7f75c901490c152e5daec6127186b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3bzP9GAbSN6ooqKXgJK4ketWUMXSRkFeQmKGQusFEZ86T9PCaMnRZw==
age: 3926
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da
54.230.245.175200 OK 8.6 kB URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da
IP 54.230.245.175:0
Hash 7e6ef8dd22a5f966c839775beb66a8be
0b85d186e9cf60a099af4585273f676b70db6bd0
772296efeed21f0e8f3a6e343a3b121e1ff3a0fdb920a23e7254b1609b440920
GET /v1/11ae7ee4-530f-4d99-a3c4-6b67b099c1da HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
correlationId: fdca9994-e856-4136-bd79-c862c9232aa2
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.71
Beacon-Device-ID: c07b27e5-8b3f-4cca-9b74-c70d84d31f62
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 06 Feb 2023 19:17:50 GMT
access-control-allow-origin: https://crossoverhealth.com
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UcqqsW-c_UFDjUzPgWho7qx4IlehA3TcgXCfIEE7J8_T2C5Xe0YXJg==
X-Firefox-Spdy: h2
scripts.dofollowgreenline.com/pC9KDz
194.135.30.210200 OK 1.2 kB URL HTTP/1.1 scripts.dofollowgreenline.com/pC9KDz
IP 194.135.30.210:0
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (3022), with no line terminators
Hash eb02d53f0152c5c871ed775e2caf9250
ebd44170acd88dc736ea779f6ab8f8ff7caa5c6d
2a005b344967b5d077e8c2fa6f3290cd3c97442b58ef79cc8050df763f448683
Analyzer Verdict Alert fortinet Malware
GET /pC9KDz HTTP/1.1
Host: scripts.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 19:17:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 1176
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpadehi0;Expires=Thursday, 09-Mar-2023 19:17:50 GMT;Max-Age=2678400;Path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjVcIjoxNjc1NzExMDcwfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjc1NzExMDcwfSxcInRpbWVcIjoxNjc1NzExMDcwfSJ9.aqA24uTZckhFXAIgZQQJ5v3Gvxe1S87LrD44lXhiJ0g;Expires=Sunday, 15-Mar-2076 14:35:40 GMT;Max-Age=1675797470;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d82966335d13b6ee953e4883ddff20d7
b2e0c35181ea54d9dd16b8926bf6861034f5ddda
cf6a48cbe611d5e0e0c0220c2bb42931be7405b6d05e8b6f97b67b8fed0d189f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF6A48CBE611D5E0E0C0220C2BB42931BE7405B6D05E8B6F97B67B8FED0D189F"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1936
Expires: Mon, 06 Feb 2023 19:50:07 GMT
Date: Mon, 06 Feb 2023 19:17:51 GMT
Connection: keep-alive
goaway.dofollowgreenline.com/follow/finish.php?pid=658745-22-658734323
194.135.30.210302 Found 0 B URL HTTP/1.1 goaway.dofollowgreenline.com/follow/finish.php?pid=658745-22-658734323
IP 194.135.30.210:0
ASN #2856 British Telecommunications PLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /follow/finish.php?pid=658745-22-658734323 HTTP/1.1
Host: goaway.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Feb 2023 19:17:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
Access-Control-Allow-Origin: *
goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
194.135.30.210200 OK 468 B URL HTTP/1.1 goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
IP 194.135.30.210:0
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b5a5307d9ab9831a566f0d3ff7e38494
73bd511114fa273e663499455b44a69a9083f534
c4cbd80786f04154ebf81fe67ff21e47d3e108f3907ada92ef9bf98e2cdaf9dc
GET /follow/finish.php?mid=8678670756767 HTTP/1.1
Host: goaway.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crossoverhealth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 19:17:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 96e4340c8c20b45fe1319c1c173cf385
a29712285894e94600093903baf9035218249ec1
5ccea89556c1d1641dd32150e13e487f02b3f5a557cda6648a0fdc2293d1b508
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1745
Cache-Control: max-age=158768
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:51 GMT
Etag: "63e114be-117"
Expires: Wed, 08 Feb 2023 15:23:59 GMT
Last-Modified: Mon, 06 Feb 2023 14:54:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 96e4340c8c20b45fe1319c1c173cf385
a29712285894e94600093903baf9035218249ec1
5ccea89556c1d1641dd32150e13e487f02b3f5a557cda6648a0fdc2293d1b508
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1745
Cache-Control: max-age=158768
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:51 GMT
Etag: "63e114be-117"
Expires: Wed, 08 Feb 2023 15:23:59 GMT
Last-Modified: Mon, 06 Feb 2023 14:54:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 31bf49e97c42e7b55f532b94fa4af40b
a263483a79d092895c77ef47a032495c74e469a1
6c02a9a572b0037eff14c020637dccc1efca03fdda4e7900963f60bc187e9377
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C02A9A572B0037EFF14C020637DCCC1EFCA03FDDA4E7900963F60BC187E9377"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12543
Expires: Mon, 06 Feb 2023 22:46:54 GMT
Date: Mon, 06 Feb 2023 19:17:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4e95204d139d9f30b0d6b7e46e74abb6
00bd01555a3f6dc38df98676623ebc8c254114a8
eff89730d796b26ffb2c73bfecda0cd033e469b900ad2aa8c5fa08cb11e5e0d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6126
Cache-Control: max-age=156316
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:51 GMT
Etag: "63e0fa0d-116"
Expires: Wed, 08 Feb 2023 14:43:07 GMT
Last-Modified: Mon, 06 Feb 2023 13:01:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
8pxut.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=1
185.56.234.205200 OK 12 kB URL HTTP/2 8pxut.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=1
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22505)
Hash a5014dd695a9aeef16fb568021585a7c
9a4b21eb473a098d0943e9e3df781b53cb58e980
f6c686dd55180ea82f98cd3104d5acc6d80c2ec42da84eb5628876418ed17dae
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=1 HTTP/1.1
Host: 8pxut.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://haxbyq.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4e95204d139d9f30b0d6b7e46e74abb6
00bd01555a3f6dc38df98676623ebc8c254114a8
eff89730d796b26ffb2c73bfecda0cd033e469b900ad2aa8c5fa08cb11e5e0d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6126
Cache-Control: max-age=156316
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:17:51 GMT
Etag: "63e0fa0d-116"
Expires: Wed, 08 Feb 2023 14:43:07 GMT
Last-Modified: Mon, 06 Feb 2023 13:01:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ
172.67.197.128200 OK 32 kB URL HTTP/2 ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ
IP 172.67.197.128:0
File type ASCII text, with very long lines (11285), with no line terminators
Hash 36cebd7fca7590614232d5b298d61082
bb15d7741aea974d0bc2329c9bb42dc85926c9d7
ad406a62b9e92abb440ae588742edfb95b245e9c3bead17c710ab3cc1d38e816
GET /v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ HTTP/1.1
Host: ulmoyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8pxut.haxbyq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-origin: https://haxbyq.com
etag: W/"T6IJZ7/ODVnQuKmkTT2prWfDE/8"
x-zone: eu
cf-cache-status: HIT
age: 1488
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHe4ZIEOKFLrq8WAo%2BJq58oq4ziu91JeneNJvoT5sm%2BRpsmHqQKKACoNgTpnWytAV%2F9sB48eaV8Qhmp3FSsD5dxOztKUGFJkopOZCeAuQqvGR11oVfNjdlyJQTip"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79563a766cfbb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/crossoverhealth.com/config.json
104.22.0.204200 OK 0 B URL HTTP/2 cdn.acsbapp.com/cache/app/crossoverhealth.com/config.json
IP 104.22.0.204:0
GET /cache/app/crossoverhealth.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:49 GMT
content-type: application/json
cache-control: max-age=432000 public
expires: Tue, 07 Feb 2023 19:17:48 GMT
last-modified: Mon, 06 Feb 2023 19:15:14 GMT
etag: W/"9f-63e151c2-f9ffad2b55c162f3;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79563a64fecffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.78:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 06 Feb 2023 19:17:45 GMT
date: Mon, 06 Feb 2023 19:17:45 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=GjxG0e4XOh4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=p-hJrMLMRJI; Domain=.youtube.com; Expires=Sat, 05-Aug-2023 19:17:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnpFeU5ESXlNalU1TXpFMU9EazRNUT09ENmkhZ8GGNmkhZ8G; Domain=.youtube.com; Expires=Sat, 05-Aug-2023 19:17:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+997; expires=Wed, 05-Feb-2025 19:17:45 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lfbz9.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=3
185.56.234.205200 OK 0 B URL HTTP/2 lfbz9.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=3
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=3 HTTP/1.1
Host: lfbz9.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2ybr.haxbyq.com/
Cookie: truniq=1; ufp2=82560384c64a0faf4ee33c5f3ccbb892ef4e4e02
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
el8hm.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=5
185.56.234.205200 OK 0 B URL HTTP/2 el8hm.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=5
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=5 HTTP/1.1
Host: el8hm.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f835u.haxbyq.com/
Cookie: truniq=1; ufp2=82560384c64a0faf4ee33c5f3ccbb892ef4e4e02
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/4320713/domain/crossoverhealth.com/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/4320713/domain/crossoverhealth.com/token
IP 54.230.111.78:0
GET /partner/4320713/domain/crossoverhealth.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 06 Feb 2023 18:34:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qXI27WtQUnd5KfXUi6FHaAh73gzH8v501iOWu0ZGjt0o8i0gAq4RIQ==
age: 2573
X-Firefox-Spdy: h2
ulmoyc.com/fp.js?d=8pxut.haxbyq.com
172.67.197.128200 OK 0 B URL HTTP/2 ulmoyc.com/fp.js?d=8pxut.haxbyq.com
IP 172.67.197.128:0
GET /fp.js?d=8pxut.haxbyq.com HTTP/1.1
Host: ulmoyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8pxut.haxbyq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
max-age: 0
access-control-allow-origin: https://8pxut.haxbyq.com
x-zone: eu
last-modified: Mon, 06 Feb 2023 19:17:51 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCT5uYjjwujgdfLky5UIwGQjtZStIsVEuC%2B7wd8vahN7xIylD%2FvfgR2i8yFjV%2FLql8pM0ZFWLZkh0xe9kJ9y1VedmFCIifiWu1b9RCZmlwuraQjor2TxaRrGBwt3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79563a768d1eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
g2ybr.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=2
185.56.234.205200 OK 0 B URL HTTP/2 g2ybr.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=2
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=2 HTTP/1.1
Host: g2ybr.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8pxut.haxbyq.com/
Cookie: truniq=1; ufp2=82560384c64a0faf4ee33c5f3ccbb892ef4e4e02
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2
64829.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=6
185.56.234.205200 OK 0 B URL HTTP/2 64829.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=6
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=6 HTTP/1.1
Host: 64829.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://el8hm.haxbyq.com/
Cookie: truniq=1; ufp2=82560384c64a0faf4ee33c5f3ccbb892ef4e4e02
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2
k59iy.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=8
185.56.234.205200 OK 0 B URL HTTP/2 k59iy.haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=8
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&i=8 HTTP/1.1
Host: k59iy.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9td7z.haxbyq.com/
Cookie: truniq=1; ufp2=82560384c64a0faf4ee33c5f3ccbb892ef4e4e02
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 06 Feb 2023 19:17:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2
ws.zoominfo.com/pixel/62605ff2fcf91a0013a37d3e
104.16.101.12200 OK 0 B URL HTTP/2 ws.zoominfo.com/pixel/62605ff2fcf91a0013a37d3e
IP 104.16.101.12:0
GET /pixel/62605ff2fcf91a0013a37d3e HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:17:48 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=36203b7514964b012c24eee52b9e6209f9576b865c2fd2c456a1e30e8084f584; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Tue, 06 Feb 2024 19:17:48 GMT; Secure; SameSite=None
__cf_bm=leG94s3o9YwrhT9jAlUF_FMR1HqHSbypH5c6QYGNIco-1675711068-0-AZVCs+Kz18ILHABgf0FmihYXAZm2j/gW3lySrLno5Uopm4dvOok5MTql8ix74at+NltHXYMv5w/W7PLXBdQVKlg=; path=/; expires=Mon, 06-Feb-23 19:47:48 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
_cfuvid=WVQarRT4kXezmzRzFAIPgNKex8zaLyfRrF5bdrdU6D0-1675711068115-0-604800000; path=/; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 79563a5eab2b1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/4320713/domain/crossoverhealth.com/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/4320713/domain/crossoverhealth.com/token
IP 54.230.111.78:0
GET /partner/4320713/domain/crossoverhealth.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crossoverhealth.com
Connection: keep-alive
Referer: https://crossoverhealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 06 Feb 2023 18:34:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jwu9h8iVLPulCxKXQenjSBkw2GmGNgeE5R7lKuRlwPzTlctiObhJug==
age: 2573
X-Firefox-Spdy: h2
cqwajn.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0
188.114.96.1302 Found 0 B URL HTTP/2 cqwajn.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0
IP 188.114.96.1:0
GET /gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0 HTTP/1.1
Host: cqwajn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goaway.dofollowgreenline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 19:17:51 GMT
content-type: text/html; charset=UTF-8
location: https://haxbyq.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=beef0&si2=
cache-control: no-cache
max-age: 0
x-zone: eu
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyGPFwMMFFXT4GrEMQTXymYoaS037Qe4jF5xIAJJr3t%2FWS5w35VIuunLFHdDn9%2B3coGOiK71SxALqkxlBU0eyoBio30jlYaNh1%2Bl%2BVogqPP1Lu%2BpR7aG3gT9z9Lv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79563a7349a10b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2