urlscan.io logo urlscan.io
SecurityTrails logo

2dffbba18b.nxcli.io Open in urlscan Pro
209.126.25.56  Public Scan

Go To Rescan Add Verdict Report
URL: https://2dffbba18b.nxcli.io/
Submission: On April 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 43 HTTP transactions. The main IP is 209.126.25.56, located in United States and belongs to NEXCESS-NET, US. The main domain is 2dffbba18b.nxcli.io.
TLS certificate: Issued by R3 on April 3rd 2024. Valid for: 3 months.
This is the only time 2dffbba18b.nxcli.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 209.126.25.56 36444 (NEXCESS-NET)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
43 8
32    209.126.25.56 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-1985831.us-midwest-1.nxcli.net
2dffbba18b.nxcli.io
1    2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
32 nxcli.io
2dffbba18b.nxcli.io
436 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2435
88 KB
2 gstatic.com
fonts.gstatic.com
97 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
170 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
248 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
931 B
43 7
Domain Requested by
32 2dffbba18b.nxcli.io 2dffbba18b.nxcli.io
4 script.crazyegg.com 2dffbba18b.nxcli.io
script.crazyegg.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com 2dffbba18b.nxcli.io
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 cdnjs.cloudflare.com 2dffbba18b.nxcli.io
1 fonts.googleapis.com 2dffbba18b.nxcli.io
43 7

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
www.linkedin.com
maps.app.goo.gl
practicepromotions.net
Subject Issuer Validity Valid
2dffbba18b.nxcli.io
R3		 2024-04-03 -
2024-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://2dffbba18b.nxcli.io/
Frame ID: D65D1F3B23A05EC633F5BDCCAA558939
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Physical Therapy in New York, NY - Hero Stencil

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

794 kB
Transfer

3182 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
2dffbba18b.nxcli.io/ 		125 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
96d897918b60a9073faf06bb692499069deca4ca92d755ac45b6d26016bbe42f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 03 Apr 2024 18:41:04 GMT
link
<https://2dffbba18b.nxcli.io/wp-json/>; rel="https://api.w.org/" <https://2dffbba18b.nxcli.io/wp-json/wp/v2/pages/92>; rel="alternate"; type="application/json" <https://2dffbba18b.nxcli.io/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
BYPASS
css2
fonts.googleapis.com/ 		2 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07b6c3546b2bb5e91c21989eefb4b2543ec95fa9c6bea4897bf10c57277f7764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:02:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 18:41:05 GMT
style.min.css
2dffbba18b.nxcli.io/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"1bae5-6152b64501b38"
vary
Accept-Encoding
content-type
text/css
x-nocache
1
custom-color-overrides.css
2dffbba18b.nxcli.io/wp-content/themes/twentytwentyone/assets/css/ 		130 B
170 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/themes/twentytwentyone/assets/css/custom-color-overrides.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
54e310005e904894ed9c3e6582efae4f8e57e695cba3adb1e304bec2e68a5951

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 12:59:34 GMT
server
nginx
etag
W/"82-609b7c67cd980"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
style.css
2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/ 		3 KB
863 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/style.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
915b7dc8a4f352499edcd2c27aae0c6d64927fce36766b9524a443995284e122

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 10:10:56 GMT
server
nginx
etag
W/"b4b-6152e704823d3"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
style.min.css
2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/dest/css/ 		333 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/dest/css/style.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
0bd8fe574acfaa64c2ec90646863a5127d1722672d838fa201c88ef9596589a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 14:28:32 GMT
server
nginx
etag
W/"533d8-6153209835a34"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
jquery.min.js
2dffbba18b.nxcli.io/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/jquery/jquery.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:30:22 GMT
server
nginx
etag
W/"15601-6152b5b7066d8"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
front.min.js
2dffbba18b.nxcli.io/wp-content/plugins/easy-import-yoast-seo-meta/assets/js/ 		40 B
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/easy-import-yoast-seo-meta/assets/js/front.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
e55867ed2a6ff5c54cb7034ce0ee53093b9ceddbc397208cb3f915dda7bc9181

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Tue, 18 Jul 2023 10:38:37 GMT
server
nginx
etag
W/"28-600c084808540"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
jquery-migrate.min.js
2dffbba18b.nxcli.io/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:30:22 GMT
server
nginx
etag
W/"3509-6152b5b7066d8"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
6817.js
script.crazyegg.com/pages/scripts/0078/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0078/6817.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1965ac967fc533d321063f725c85ec7cbed42f4c4a46331336959b8883488d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 18:33:55 GMT
server
cloudflare
cf-polished
origSize=6112
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
ce-version
11.5.201
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
86eb30d75ff64bcc-BUF
basic.min.css
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/ 		47 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
8fc82c903d34f3a769a6d55f6d8703847107ea1b41fd3a636070bbfb3bfc7607

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"bc85-6152e3b2cea98"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
theme-components.min.css
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/ 		0
62 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
"0-6152e3b2d09d8"
x-cache-nxaccel
MISS
content-type
text/css
accept-ranges
bytes
content-length
0
theme-ie11.min.css
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/ 		2 KB
371 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"6d9-6152e3b2d09d8"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
theme.min.css
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
3a878053854fd21eb223e5cac953fabcee6b2fdb5fd92c935eb03cb8b8fa07fc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"791a-6152e3b2d0dc0"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
scripts.min.js
2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/dest/js/ 		317 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/dest/js/scripts.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
459eb75c2a64b2c138142afbb5880f4ef0e6c09166c75963aa2c888dcebe1b60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 13:07:08 GMT
server
nginx
etag
W/"4f20f-61530e668fa5b"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
wp-polyfill-inert.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:30:22 GMT
server
nginx
etag
W/"1feb-6152b5b6ff1a8"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
regenerator-runtime.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:30:22 GMT
server
nginx
etag
W/"19e1-6152b5b6fe5f0"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
wp-polyfill.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"96be-6152b6450ee29"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
dom-ready.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/ 		457 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/dom-ready.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"1c9-6152b64515f71"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
hooks.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/hooks.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"10d3-6152b64513479"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
i18n.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/i18n.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"23b5-6152b64514031"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
a11y.min.js
2dffbba18b.nxcli.io/wp-includes/js/dist/ 		2 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-includes/js/dist/a11y.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
bb4e63c126beae75728fc000a8847d4d91427b7a63e711f3668de1c20bd5d76c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:04 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 06:32:51 GMT
server
nginx
etag
W/"936-6152b64516741"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
jquery.json.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/ 		2 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/jquery.json.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"72c-6152e3b2e6581"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
gravityforms.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/gravityforms.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
8e2ffd596c0b4460f148da17323c71c3a1cacb853b4502e5d6953cda9b107e33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"b655-6152e3b2e6199"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
placeholders.jquery.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"121f-6152e3b2e6969"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
utils.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"97ad-6152e3b2d30e8"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
vendor-theme.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"438a-6152e3b2d38b8"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
scripts-theme.min.js
2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 09:56:05 GMT
server
nginx
etag
W/"1043-6152e3b2d30e8"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
akismet-frontend.js
2dffbba18b.nxcli.io/wp-content/plugins/akismet/_inc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/akismet/_inc/akismet-frontend.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 07:22:11 GMT
server
nginx
etag
W/"2c7c-6152c14be4b6d"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
lazyload.min.js
2dffbba18b.nxcli.io/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 14:20:20 GMT
server
nginx
etag
W/"1ed2-5de588eedf100"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3QW92G
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f5e9aafaebf931fc7469226af035aff393c8c776e59a0f1988246a64327f60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71336
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 18:41:05 GMT
icons.svg
2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/src/fonts/ 		24 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/wp-content/themes/atlantic-rehab/assets/src/fonts/icons.svg
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
8251de28725309205143562e17d9f0ac445481d7c11a1ab389354aee84291760

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
last-modified
Mon, 11 Sep 2023 12:09:27 GMT
server
nginx
etag
W/"602c-60514329e8bc0"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ab4df2fab14fd89457b5efaab1a741d99a11c461a176df39b777f0006083f87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cbe8341a283ebd2e06d7a19e164b7c1b01f303b96f65334e1c27a5cb86ed5a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d802d6034a1ef9a372db90099477c9f92e21c4817a05ee29d781e86afbdcfaa2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://2dffbba18b.nxcli.io
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 04:39:17 GMT
x-content-type-options
nosniff
age
568908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 04:39:17 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1153826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1046
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGRd2qJAj1f7qFLMiC0GRs7I%2FjngKkO4%2Bz6E%2B1004xNf7ErDa%2FLCEU0IoJ%2FEL4wnxomySKIi5hQBx9u1FeaD8HnFYdbxNeauElQ5ZD9ifQ5hXy1hK56sKvSL6g9QMnIb3nlYz2K1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86eb30d7dc82549d-YYZ
expires
Mon, 24 Mar 2025 18:41:05 GMT
QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
fonts.gstatic.com/s/worksans/v19/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0422742e6c82cf3b25d46c77cb8fb17af8080cd8b155f848cc66226c64976978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://2dffbba18b.nxcli.io
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:48:22 GMT
x-content-type-options
nosniff
age
39163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48356
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:38:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 07:48:22 GMT
2dffbba18b.nxcli.io.json
script.crazyegg.com/pages/data-scripts/0078/6817/site/ 		903 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0078/6817/site/2dffbba18b.nxcli.io.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4366b790277407292f5605e1bd293e08f3580fff58413827526ba325fa982321

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:06 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Apr 2024 18:41:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.201
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86eb30d88c204bd5-BUF
content-length
31151
logo.png
2dffbba18b.nxcli.io/wp-content/uploads/2024/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2dffbba18b.nxcli.io/wp-content/uploads/2024/04/logo.png
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
1ba08190a071caaa27093d98b7a49a8c7657482bac5a11b5bead7b6eff3c5146

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
last-modified
Wed, 03 Apr 2024 10:02:06 GMT
server
nginx
etag
"3cec-6152e50b29132"
x-cache-nxaccel
MISS
content-type
image/png
accept-ranges
bytes
content-length
15596
hero-banner.jpg
2dffbba18b.nxcli.io/wp-content/uploads/2024/04/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2dffbba18b.nxcli.io/wp-content/uploads/2024/04/hero-banner.jpg
Requested by
Host: 2dffbba18b.nxcli.io
URL: https://2dffbba18b.nxcli.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ea1ff33c9532af4eaef05bfcb0b79c52fe2778067856e5539dc526ea4ed0730f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
last-modified
Wed, 03 Apr 2024 13:05:30 GMT
server
nginx
etag
"2a09f-61530e08ab481"
x-cache-nxaccel
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
172191
js
www.googletagmanager.com/gtag/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z3ZNCC1H4Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3QW92G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d39e42effb42b81d600acbd2c376702cbbee59f73725bfac31d8cf4efaf71241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101800
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 18:41:05 GMT
collect
www.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z3ZNCC1H4Q&gtm=45je4410v9102717681z89102712610za200&_p=1712169665125&gcd=13l3l3l3l1&npa=0&dma=0&cid=784694777.1712169666&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712169665&sct=1&seg=0&dl=https%3A%2F%2F2dffbba18b.nxcli.io%2F&dt=Physical%20Therapy%20in%20New%20York%2C%20NY%20-%20Hero%20Stencil&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1902
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3ZNCC1H4Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:41:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2dffbba18b.nxcli.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
2dffbba18b.nxcli.io/ 		0
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://2dffbba18b.nxcli.io/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.25.56 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-1985831.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:05 GMT
last-modified
Wed, 03 Apr 2024 06:32:59 GMT
server
nginx
etag
"0-6152b64cc256f"
x-cache-nxaccel
MISS
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
0
096739e58e541eb980ac532c0669fee9.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/096739e58e541eb980ac532c0669fee9.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd7ef896b2c25a8ba2e18550ba831f59eafea2e2a58852d4a2125cc9269a6a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2024 21:01:53 GMT
server
cloudflare
age
36212
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86eb30df9c504bcc-BUF
content-length
46301
2dffbba18b.nxcli.io.json
script.crazyegg.com/pages/data-scripts/0078/6817/sampling/ 		64 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0078/6817/sampling/2dffbba18b.nxcli.io.json?t=475602
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/096739e58e541eb980ac532c0669fee9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a876f70362b682d28bcc07cd2ce76c451e44f557fed4f0ca6dcbf84de7bbaf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://2dffbba18b.nxcli.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:41:06 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Apr 2024 18:41:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.201
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86eb30e018424bd5-BUF
content-length
10020

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| gform function| $ function| jQuery object| dataLayer object| frontend_ajax_object object| admin_theme_object string| themeObj function| headerHeight function| accordion object| slideWrapper object| iframes function| postMessageToPlayer function| playPauseVideo boolean| mCustomScrollbar function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_global object| gform_theme_config object| lazyLoadOptions function| LazyLoad function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformInitializeSpinner function| gformRemoveSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader object| Placeholders object| webpackChunkgravityforms object| images boolean| is_image boolean| is_iframe object| rocket_lazy boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL number| header_height object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API

5 Cookies

Domain/Path Name / Value
.nxcli.io/ Name: _ga_Z3ZNCC1H4Q
Value: GS1.1.1712169665.1.0.1712169665.0.0.0
.nxcli.io/ Name: _ga
Value: GA1.1.784694777.1712169666
.nxcli.io/ Name: _ce.irv
Value: new
.nxcli.io/ Name: cebs
Value: 1
.nxcli.io/ Name: _ce.s
Value: v~fc2e31d254b753b35f494ec14d5640cbf4fcf4ff~lcw~1712169666761~lva~1712169666761~vpv~0~lcw~1712169666770

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2dffbba18b.nxcli.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
script.crazyegg.com
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
209.126.25.56
2606:4700::6813:9408
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::200a
00a876f70362b682d28bcc07cd2ce76c451e44f557fed4f0ca6dcbf84de7bbaf
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88
0422742e6c82cf3b25d46c77cb8fb17af8080cd8b155f848cc66226c64976978
05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770
07b6c3546b2bb5e91c21989eefb4b2543ec95fa9c6bea4897bf10c57277f7764
0bd8fe574acfaa64c2ec90646863a5127d1722672d838fa201c88ef9596589a6
0f5e9aafaebf931fc7469226af035aff393c8c776e59a0f1988246a64327f60b
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1ba08190a071caaa27093d98b7a49a8c7657482bac5a11b5bead7b6eff3c5146
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
2a1965ac967fc533d321063f725c85ec7cbed42f4c4a46331336959b8883488d
2ab4df2fab14fd89457b5efaab1a741d99a11c461a176df39b777f0006083f87
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
3a878053854fd21eb223e5cac953fabcee6b2fdb5fd92c935eb03cb8b8fa07fc
4366b790277407292f5605e1bd293e08f3580fff58413827526ba325fa982321
459eb75c2a64b2c138142afbb5880f4ef0e6c09166c75963aa2c888dcebe1b60
4cbe8341a283ebd2e06d7a19e164b7c1b01f303b96f65334e1c27a5cb86ed5a8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54e310005e904894ed9c3e6582efae4f8e57e695cba3adb1e304bec2e68a5951
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
8251de28725309205143562e17d9f0ac445481d7c11a1ab389354aee84291760
8e2ffd596c0b4460f148da17323c71c3a1cacb853b4502e5d6953cda9b107e33
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8fc82c903d34f3a769a6d55f6d8703847107ea1b41fd3a636070bbfb3bfc7607
915b7dc8a4f352499edcd2c27aae0c6d64927fce36766b9524a443995284e122
96d897918b60a9073faf06bb692499069deca4ca92d755ac45b6d26016bbe42f
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
9bd7ef896b2c25a8ba2e18550ba831f59eafea2e2a58852d4a2125cc9269a6a0
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb4e63c126beae75728fc000a8847d4d91427b7a63e711f3668de1c20bd5d76c
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d39e42effb42b81d600acbd2c376702cbbee59f73725bfac31d8cf4efaf71241
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d802d6034a1ef9a372db90099477c9f92e21c4817a05ee29d781e86afbdcfaa2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55867ed2a6ff5c54cb7034ce0ee53093b9ceddbc397208cb3f915dda7bc9181
ea1ff33c9532af4eaef05bfcb0b79c52fe2778067856e5539dc526ea4ed0730f
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d