urlscan.io logo urlscan.io
SecurityTrails logo

www.fyzical.com Open in urlscan Pro
192.124.249.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fyzical.com/
Effective URL: https://www.fyzical.com/
Submission: On October 14 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 39 HTTP transactions. The main IP is 192.124.249.20, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.fyzical.com. The Cisco Umbrella rank of the primary domain is 962305.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 15th 2024. Valid for: a year.
This is the only time www.fyzical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 192.124.249.20 30148 (SUCURI-SEC)
1 18.173.132.125 16509 (AMAZON-02)
4 142.250.80.104 15169 (GOOGLE)
7 89.187.177.17 60068 (CDN77 _)
2 44.230.24.246 16509 (AMAZON-02)
4 142.251.32.110 15169 (GOOGLE)
2 52.32.173.138 16509 (AMAZON-02)
39 7
20    192.124.249.20 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10020.sucuri.net
fyzical.com
www.fyzical.com
1    18.173.132.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-125.jfk52.r.cloudfront.net
cdn.rlets.com
4    142.250.80.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net
www.googletagmanager.com
7    89.187.177.17 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: 135577161.nyc.cdn77.com
cdn.userway.org
2    44.230.24.246 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-24-246.us-west-2.compute.amazonaws.com
capturelogger-prod-usa.localiq.com
4    142.251.32.110 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net
www.google-analytics.com
2    52.32.173.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-173-138.us-west-2.compute.amazonaws.com
api.userway.org
Apex Domain
Subdomains		 Transfer
20 fyzical.com
fyzical.com — Cisco Umbrella Rank: 936430
www.fyzical.com — Cisco Umbrella Rank: 962305
10 MB
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3272
api.userway.org — Cisco Umbrella Rank: 3171
66 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
296 KB
2 localiq.com
capturelogger-prod-usa.localiq.com — Cisco Umbrella Rank: 23965
579 B
1 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 15600
2 KB
39 6
Domain Requested by
19 www.fyzical.com www.fyzical.com
www.googletagmanager.com
7 cdn.userway.org www.fyzical.com
cdn.userway.org
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com www.fyzical.com
www.googletagmanager.com
www.google-analytics.com
2 api.userway.org cdn.userway.org
2 capturelogger-prod-usa.localiq.com cdn.rlets.com
1 cdn.rlets.com www.fyzical.com
1 fyzical.com 1 redirects
39 8

This site contains links to these domains. Also see Links.

Domain
www.fyzicalfranchise.com
www.patientsites.com
indd.adobe.com
Subject Issuer Validity Valid
fyzical.com
Go Daddy Secure Certificate Authority - G2		 2024-07-15 -
2025-07-15		 a year crt.sh
*.rlets.com
Amazon RSA 2048 M02		 2024-09-29 -
2025-10-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
1667503734.rsc.cdn77.org
E6		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.localiq.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-23		 6 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.fyzical.com/
Frame ID: 2257BBDBCBCA548AD546A146B95F6DAF
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Physical Therapy Services - Fall Prevention | FYZICAL Therapy & Balance Centers

Page URL History Show full URLs

  1. http://fyzical.com/ HTTP 307
    https://fyzical.com/ HTTP 301
    https://www.fyzical.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

39
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

10298 kB
Transfer

11245 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fyzical.com/ HTTP 307
    https://fyzical.com/ HTTP 301
    https://www.fyzical.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fyzical.com/
Redirect Chain
  • http://fyzical.com/
  • https://fyzical.com/
  • https://www.fyzical.com/
100 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
0265a5b0ced92e1c2e77160fc02bcd38bf024f388fb881cb933dbe04af3c2029
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
17943
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 13:47:05 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
EXPIRED
x-sucuri-id
12020
x-xss-protection
1; mode=block

Redirect headers

content-length
310
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=iso-8859-1
date
Mon, 14 Oct 2024 13:47:05 GMT
location
https://www.fyzical.com/
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
EXPIRED
x-sucuri-id
12020
x-xss-protection
1; mode=block
FontAwesome.woff2
www.fyzical.com/v4/css/font-awesome/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/v4/css/font-awesome/fonts/FontAwesome.woff2
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
3d8e60c9949c9fb7d715ddea6531534b1863abfc0c319cefc2b93d70789359ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fyzical.com
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"5dc-59d4305bcdf63"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
1500
date
Mon, 14 Oct 2024 13:47:05 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 29 Jan 2020 08:21:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
mms.js
cdn.rlets.com/capture_static/mms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/mms.js
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-125.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3d90e0630bf2abb2dd98c6688feb1232440c46b7ba098f21cdbf7500504b11c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-amz-cf-pop
JFK52-P2
content-encoding
gzip
etag
W/"a218cdcb1f5012a561afa51d4f1a79f4"
age
65761
via
1.1 e58d56c2f23391dd5609aad3656901ce.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0cXSWNWrPvPjjPr9a2qInSh_1KumfxszyB6teQETi41u10m0rc83uw==
date
Sun, 13 Oct 2024 19:31:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 10 Oct 2024 16:38:00 GMT
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		248 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8BRT68
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
99277b482fc8cba37ba268d151a26743c3c1a8f90055a6d8a7c1f9235121a10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 14 Oct 2024 13:47:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89284
x-xss-protection
0
server
Google Tag Manager
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"59cd386971c343740f4693f3c7ca2f77"
age
394
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
beZl-73T3Yk9xCGRfKDn0C0T5RjamWmJivDflxsv5Cmml2vzAIHHlQ==
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:48 GMT
vary
Accept-Encoding
x-77-nzt-ray
49be14084a278514da200d6719957311
x-77-nzt
EgwBWbuxDwH3GQEAAAwBnJI76AG3EAAAAA
cache-control
max-age=3600, public
via
1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
281
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
www.fyzical.com/slideshows/1723/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/slideshows/1723/FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"871238-5fbe5aa1ae488"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
8852024
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
video/mp4
last-modified
Wed, 17 May 2023 15:51:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
banner_768_2_87.jpg.webp
www.fyzical.com/client/996/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/client/996/img/banner_768_2_87.jpg.webp
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
811590a1181eacb2b558ea6c7db63a35e6c2e8b76680552426f2605f09e59e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"6b8e-605252ddac200"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
27534
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 12 Sep 2023 08:25:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
home.js
www.fyzical.com/client/996/js/1163/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/client/996/js/1163/home.js?v=1728843795
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
0832e3be1243cebf1699a649681b722dc496fd54f9712dde4d44ae7b8d1b209b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
content-encoding
gzip
etag
"1b698-6245fd04f83c8-gzip"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sun, 13 Oct 2024 18:23:15 GMT
x-frame-options
SAMEORIGIN
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
accept-ranges
bytes
content-length
38716
x-xss-protection
1; mode=block
server
nginx
logo_fyzical_white.png
www.fyzical.com/img/1163/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/img/1163/logo_fyzical_white.png
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
49e1d52c28d4a4bdc6aa46255b83a6d86a27eb7b6f3e676b7f318a223be3161b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"19c0-5b5f859c67340"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
6592
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 08 Dec 2020 18:45:46 GMT
server
nginx
x-frame-options
SAMEORIGIN
roboto-regular.woff2
www.fyzical.com/v4/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/v4/fonts/roboto/roboto-regular.woff2
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
93b95cb7373f5924c1b48bc326e7bd039de40eddf4f45dafca08abe5afb22371
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fyzical.com
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"3da0-5a1c968e6e440"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
15776
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 22:21:44 GMT
server
nginx
x-frame-options
SAMEORIGIN
opensans-regular.woff2
www.fyzical.com/v4/fonts/opensans/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/v4/fonts/opensans/opensans-regular.woff2
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
50e88a8fea99c489498dd4def3d6f5d3857cbcd00b770c6bcd9d5335b13d7066
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fyzical.com
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"39e0-5a1c968e6c500"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
14816
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 22:21:44 GMT
server
nginx
x-frame-options
SAMEORIGIN
FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
www.fyzical.com/slideshows/1723/ 		34 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/slideshows/1723/FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"871238-5fbe5aa1ae488"
Content-Range
bytes 0-8852023/8852024
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
Content-Length
8852024
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
video/mp4
last-modified
Wed, 17 May 2023 15:51:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
getwidget.php
www.fyzical.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/getwidget.php?wtype=widgets&uid=Mc6ZNrL9SbqhcxWB&wraw=|filter_tag:home-welcome-about|class:home-welcome-about-text%20pswid-2cell-neq%20pswid-2cell-neq-image-right|lazyload:yes
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/client/996/js/1163/home.js?v=1728843795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
6fcefabe47a9bec4d8f00bb01160b67d9cb502bc04625b142595d34232c76005
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-sucuri-cache
MISS
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
content-length
1233
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-frame-options
SAMEORIGIN
getwidget.php
www.fyzical.com/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/getwidget.php?wtype=widgets&uid=QTIHVyTaO5KKsO2N&wraw=|filter_tag:home-diagnostic|class:home-welcome-about-text%20pswid-2cell-neq|lazyload:yes
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/client/996/js/1163/home.js?v=1728843795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
8cbfd4e0dc8aa80e36a4efcfbf3a2c5325976a68c9f4b3f91ea89fecd9a3bdb1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-sucuri-cache
MISS
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
content-length
1252
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-frame-options
SAMEORIGIN
ajax.locations.php
www.fyzical.com/ 		29 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/ajax.locations.php?action=ajax_get_closest_location
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/client/996/js/1163/home.js?v=1728843795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
a1ffdc7d770c3d4d6b04d0582d5831ddf809068ad99e82d241b6f7d502a5e72a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

x-sucuri-cache
EXPIRED
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-length
29
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
application/json
server
nginx
x-frame-options
SAMEORIGIN
insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ 		16 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.24.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-24-246.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
7200
x-request-id
e4042fc5-abef-4d2e-b818-c45e06e8ee59
access-control-expose-headers
etag
W/"c955e57777ec0d73639dca6748560d00"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.002024
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
widget_app_base_1728401297040.js
cdn.userway.org/widgetapp/2024-10-08-15-28-17/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fyzical.com
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"5afeaac7e2e18a97518efd0a8a1bb1fe"
age
393
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
gfJ9zHOsXK_sODahSo-DqnClw7qSpGe9TrxI8RikHTwP1sWsPvPJDw==
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:35 GMT
vary
Accept-Encoding
x-77-nzt-ray
49be1408843b781cda200d679e70d328
x-77-nzt
EgwBWbuxDwH3ec4HAAwBuTvfFAG3EQAAAA
cache-control
max-age=25920000, public
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511609
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.24.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-24-246.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fyzical.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 14 Oct 2024 13:47:06 GMT
via
1.1 google
FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
www.fyzical.com/slideshows/1723/ 		37 KB
37 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/slideshows/1723/FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
ad1a99af2fa935f6a6486b9b71e420851019e3f1c81c41c5e93f912266a2fcbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=8814592-

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"871238-5fbe5aa1ae488"
Content-Range
bytes 8814592-8852023/8852024
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
Content-Length
37432
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 17 May 2023 15:51:43 GMT
content-type
video/mp4
server
nginx
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		327 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7YX3L5FMRZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BRT68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7aee9797c8d5bbe863b4e485692bb90133a0e3fc2718923d0542232d539437ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 13:47:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109720
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BRT68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

content-encoding
gzip
age
6062
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 14:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 12:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
mms.js%E2%80%9D
www.fyzical.com/%E2%80%9C//cdn.rlets.com/capture_static/mms/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/%E2%80%9C//cdn.rlets.com/capture_static/mms/mms.js%E2%80%9D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BRT68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
EXPIRED
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
server
nginx
x-frame-options
SAMEORIGIN
Doctor_Consultation.jpg
www.fyzical.com/widgets/996/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/widgets/996/Doctor_Consultation.jpg
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
34a9be41eda35f998a1142e34c7f5566c94db12fdaa52ecba9e71b64184a5f59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"127d1-608fe02d16280"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
75729
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 31 Oct 2023 07:22:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
7kQ_wGq_HomePage_Graphic_2024_58.jpg
www.fyzical.com/widgets/996/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/widgets/996/7kQ_wGq_HomePage_Graphic_2024_58.jpg
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
8e04a3b21e24010aac919e536c79718c2fbf1e4b4b2a86788d1e15c72af29c21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"e901-6209b77ebcdd0"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
59649
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 26 Aug 2024 19:52:44 GMT
server
nginx
x-frame-options
SAMEORIGIN
FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
www.fyzical.com/slideshows/1723/ 		8 MB
8 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/slideshows/1723/FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
Requested by
Host: www.fyzical.com
URL: https://www.fyzical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
6ef94c6dd3b250c666ae6b2ffb3cc72e3f31f54cedc04b4f6528f5c99393d359
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fyzical.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"871238-5fbe5aa1ae488"
Content-Range
bytes 32768-8852023/8852024
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
Content-Length
8819256
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 17 May 2023 15:51:43 GMT
content-type
video/mp4
server
nginx
x-frame-options
SAMEORIGIN
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7YX3L5FMRZ&gtm=45je4a90v9101200994z8813323196za200zb813323196&_p=1728913625923&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1018872417.1728913627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728913626&sct=1&seg=0&dl=https%3A%2F%2Fwww.fyzical.com%2F&dt=Physical%20Therapy%20Services%20-%20Fall%20Prevention%20%7C%20FYZICAL%20Therapy%20%26%20Balance%20Centers&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YX3L5FMRZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fyzical.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:06 GMT
content-type
text/plain
server
Golfe2
5VjWdyFLlF
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/5VjWdyFLlF
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.32.173.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-173-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
13a528827f803c2ea9d6e1d4f678b91e7650e487277199dd7cd5a28166601dac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr36f4efb2c3e8490
etag
W/"6a8-VxshdsqiCC/DJQ2hcnjtonZBXvQ"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
1704
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		15 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=167387240&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fyzical.com%2F&ul=en-us&de=UTF-8&dt=Physical%20Therapy%20Services%20-%20Fall%20Prevention%20%7C%20FYZICAL%20Therapy%20%26%20Balance%20Centers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2087264997&gjid=107607016&cid=1018872417.1728913627&tid=UA-44267312-2&_gid=180986680.1728913627&_r=1&_slc=1&gtm=45He4a90n81P8BRT68v813323196za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529666~101671035~101686685&z=612523703
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
eea68da9327d445880e84c3c5b6b6c6f0c8be180710a79731056c68b1fe66004
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.fyzical.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.fyzical.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=257071611&rv=4a90&tag_exp=101529666~101671035~101686685&u=AAAAAAAAAAAAAACA&h=Ag&gtm=45He4a90v813323196za200&ccid=13323196&cid=GTM-P8BRT68&l=L820.S5.Y6.B19.E492.I986.EC5.TC7.HTC1~gtm.init.S0.V0.E17.TS5googtag.TI15.TE3~gtm.js.S0.V0.TS1ua.TI2.TE3.TS1html.TI4.TE1.TS5cl.TI22.TE0.TS5lcl.TI23.TE0.TS5cl.TI24.TE0.TS5cl.TI25.TE0~gtm.dom.S0.V0.E2~gtm.load.S0.V0.E1~gtm.init_consent.S3.V2.E19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 13:47:07 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
favicon.png
www.fyzical.com/img/1163/ 		658 B
988 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.fyzical.com/img/1163/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
b4c0e7687f161f12aa610b4356bc733726fd14cd1561a4dc9b942eb29209f193
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"292-5f5320d1e9800"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
658
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 21 Feb 2023 09:03:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		290 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RWGKBXXH18&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b28bce71e0cf155f3c9f56c2f2d7fdb087a497adbd61d412da8fffe954f9c323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 13:47:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102709
x-xss-protection
0
server
Google Tag Manager
en-US.json
cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/ 		607 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
7Wk6bL5chCLq6Qx1I3QANOYm2oCefVrnnP1-CbLH29s3cRldkNGksw==
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
application/json
last-modified
Tue, 08 Oct 2024 15:31:34 GMT
x-77-nzt-ray
49be1408843b781cdb200d67644f2018
vary
Accept-Encoding
x-77-nzt
EgwBWbuxDwH3es4HAAwBnJI73wG3gAAAAA
cache-control
max-age=25920000, public
via
1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511610
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RWGKBXXH18&gtm=45je4a90v9125604406za200&_p=1728913625923&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101686685&ul=en-us&sr=1600x1200&cid=1018872417.1728913627&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.fyzical.com%2F&dt=Physical%20Therapy%20Services%20-%20Fall%20Prevention%20%7C%20FYZICAL%20Therapy%20%26%20Balance%20Centers&sid=1728913627&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2547
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWGKBXXH18&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fyzical.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
text/plain
server
Golfe2
remediation-tool-free.js
cdn.userway.org/remediation/2024-10-08-15-28-17/free/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-10-08-15-28-17/free/remediation-tool-free.js?ts=1728401297040
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fyzical.com
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"3cf689b1ad56b2512461ec432fed6e86"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
BLr04LHFvL7BwQGFOvkfNHMNS1fxODp90KxbDI6gV0rrk8q228lGLQ==
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:45 GMT
vary
Accept-Encoding
x-77-nzt-ray
49be1408843b781cdb200d67fa132736
x-77-nzt
EgwBWbuxDwH3ec4HAAwBnJI73wG3gAAAAA
cache-control
max-age=25920000, public
via
1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511609
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-10-08-15-28-17/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/styles/2024-10-08-15-28-17/widget_base.css?v=1728401297040
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"fa9ef3811ff36e9e81b054c454f9365f"
age
392
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
h2YKRLwuveHufea2ShueDLS6Ba4oBaafg4atkgpfGt1CD8t046qhDw==
date
Mon, 14 Oct 2024 13:47:07 GMT
content-type
text/css
last-modified
Tue, 08 Oct 2024 15:30:57 GMT
vary
Accept-Encoding
x-77-nzt-ray
49be14084a278514db200d67447f1937
x-77-nzt
EgwBWbuxDwH3ec4HAAwBWbuxDAG3EQAAAA
cache-control
max-age=864000, public
via
1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511609
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
suPkBZ0qzdeEyo2CqCPuWg_pfErkmvPpeU2vsA1Ub2pmR-IGrWc0SA==
date
Mon, 14 Oct 2024 13:47:08 GMT
content-type
image/svg+xml
x-77-nzt-ray
49be14084a278514dc200d67eed9a006
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 15:31:36 GMT
x-77-nzt
EgwBWbuxDwH3e84HAAwBnJI76AG3EQAAAA
cache-control
max-age=25920000, public
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511611
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
W9T_Spg6u9nRIoKY-5aPb85Brm9eH5v6gGklRvBI64BzkACFMFn_4g==
date
Mon, 14 Oct 2024 13:47:08 GMT
content-type
image/svg+xml
x-77-nzt-ray
49be14084a278514dc200d6763bea606
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 15:31:37 GMT
x-77-nzt
EgwBWbuxDwH3e84HAAwBuTvfFAG3EQAAAA
cache-control
max-age=25920000, public
via
1.1 100ce1d37f67e6c59753cd4c9c473afc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
511611
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
www.fyzical.com/slideshows/1723/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fyzical.com/slideshows/1723/FYZICAL_WEB_BANNER_REVISED_FEB_2023_compress.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
12020
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=315360000
etag
"871238-5fbe5aa1ae488"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
Content-Length
8852024
date
Mon, 14 Oct 2024 13:47:06 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 17 May 2023 15:51:43 GMT
content-type
video/mp4
server
nginx
x-frame-options
SAMEORIGIN
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.fyzical.com%2F/DESKTOP/WIDGET_OFF/ 		77 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.fyzical.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.32.173.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-173-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fyzical.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
77
date
Mon, 14 Oct 2024 13:47:13 GMT
content-type
application/json; charset=utf-8
x-service-version
seo-w-bf1cccec
vary
Accept-Encoding
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| CLIENTMAIN_URL string| ELCID object| ccjson string| client_company string| client_country object| psloadedscripts number| CTID object| jqq function| $ object| dataLayer object| pssdiv function| loadScripts number| waitForJqueryInterval function| getFnName function| isemaddr function| isielt function| loadWidget object| pslazies_yes object| pslazies_no object| options object| observer function| checkbodyscroll function| jQuery function| _ boolean| videoautoplay object| UserWayWidgetApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| gaplugins object| gaData object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

5 Cookies

Domain/Path Name / Value
.fyzical.com/ Name: _ga_7YX3L5FMRZ
Value: GS1.1.1728913626.1.0.1728913626.0.0.0
.fyzical.com/ Name: _ga
Value: GA1.2.1018872417.1728913627
.fyzical.com/ Name: _gid
Value: GA1.2.180986680.1728913627
.fyzical.com/ Name: _gat_UA-44267312-2
Value: 1
.fyzical.com/ Name: _ga_RWGKBXXH18
Value: GS1.2.1728913627.1.0.1728913627.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://www.fyzical.com/%E2%80%9C//cdn.rlets.com/capture_static/mms/mms.js%E2%80%9D
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.fyzical.com/
Message:
Refused to execute script from 'https://www.fyzical.com/%E2%80%9C//cdn.rlets.com/capture_static/mms/mms.js%E2%80%9D' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
capturelogger-prod-usa.localiq.com
cdn.rlets.com
cdn.userway.org
fyzical.com
www.fyzical.com
www.google-analytics.com
www.googletagmanager.com
142.250.80.104
142.251.32.110
18.173.132.125
192.124.249.20
44.230.24.246
52.32.173.138
89.187.177.17
0265a5b0ced92e1c2e77160fc02bcd38bf024f388fb881cb933dbe04af3c2029
0832e3be1243cebf1699a649681b722dc496fd54f9712dde4d44ae7b8d1b209b
13a528827f803c2ea9d6e1d4f678b91e7650e487277199dd7cd5a28166601dac
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
34a9be41eda35f998a1142e34c7f5566c94db12fdaa52ecba9e71b64184a5f59
3d8e60c9949c9fb7d715ddea6531534b1863abfc0c319cefc2b93d70789359ac
49e1d52c28d4a4bdc6aa46255b83a6d86a27eb7b6f3e676b7f318a223be3161b
50e88a8fea99c489498dd4def3d6f5d3857cbcd00b770c6bcd9d5335b13d7066
6ef94c6dd3b250c666ae6b2ffb3cc72e3f31f54cedc04b4f6528f5c99393d359
6fcefabe47a9bec4d8f00bb01160b67d9cb502bc04625b142595d34232c76005
73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca
7aee9797c8d5bbe863b4e485692bb90133a0e3fc2718923d0542232d539437ff
811590a1181eacb2b558ea6c7db63a35e6c2e8b76680552426f2605f09e59e2f
8cbfd4e0dc8aa80e36a4efcfbf3a2c5325976a68c9f4b3f91ea89fecd9a3bdb1
8e04a3b21e24010aac919e536c79718c2fbf1e4b4b2a86788d1e15c72af29c21
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
93b95cb7373f5924c1b48bc326e7bd039de40eddf4f45dafca08abe5afb22371
99277b482fc8cba37ba268d151a26743c3c1a8f90055a6d8a7c1f9235121a10f
a1ffdc7d770c3d4d6b04d0582d5831ddf809068ad99e82d241b6f7d502a5e72a
ad1a99af2fa935f6a6486b9b71e420851019e3f1c81c41c5e93f912266a2fcbe
b28bce71e0cf155f3c9f56c2f2d7fdb087a497adbd61d412da8fffe954f9c323
b4c0e7687f161f12aa610b4356bc733726fd14cd1561a4dc9b942eb29209f193
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d90e0630bf2abb2dd98c6688feb1232440c46b7ba098f21cdbf7500504b11c
eea68da9327d445880e84c3c5b6b6c6f0c8be180710a79731056c68b1fe66004
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134