visionhealthsupport.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://visionhealthsupport.com/
Submission: On June 08 via automatic, source certstream-suspicious (June 8th 2022, 6:13:15 am UTC) — Scanned from DE

Summary HTTP 131 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 47 IPs in 6 countries across 35 domains to perform 131 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is visionhealthsupport.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.

This is the only time visionhealthsupport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2600:9000:224... 2600:9000:224a:cc00:1a:70ff:e780:21	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2600:9000:225... 2600:9000:2251:bc00:9:19ed:21c0:21	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:2b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:4e02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	108.157.4.21 108.157.4.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:310... 2606:4700:3108::ac42:2b16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	88.221.18.62 88.221.18.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2	107.178.240.224 107.178.240.224	15169 (GOOGLE) (GOOGLE)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
1	54.171.41.113 54.171.41.113	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6 10	52.48.130.160 52.48.130.160	16509 (AMAZON-02) (AMAZON-02)
3 4	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
17	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:fe00:1c:af45:4480:21	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001::9	15169 (GOOGLE) (GOOGLE)
131	47

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

visionhealthsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:224a:cc00:1a:70ff:e780:21 (United States)

ASN16509 (AMAZON-02, US)

d39ldsmboekjvi.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2251:bc00:9:19ed:21c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1dxl9bi1wmkcn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

zenithlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b73 (United States)

ASN13335 (CLOUDFLARENET, US)

display.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:4e02 (United States)

ASN13335 (CLOUDFLARENET, US)

zenithlabs.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-21.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b16 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.18.62 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-18-62.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com

koi-3qnszs13fy.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.41.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-41-113.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.48.130.160 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-130-160.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:fe00:1c:af45:4480:21 (United States)

ASN16509 (AMAZON-02, US)

dnpstz0jclxjm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5ednsy.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	cloudfront.net d39ldsmboekjvi.cloudfront.net d1dxl9bi1wmkcn.cloudfront.net dnpstz0jclxjm.cloudfront.net	2 MB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	815 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 ajax.googleapis.com — Cisco Umbrella Rank: 277 jnn-pa.googleapis.com — Cisco Umbrella Rank: 275	64 KB
10	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 14003	4 KB
7	visionhealthsupport.com visionhealthsupport.com	32 KB
6	googlevideo.com rr4---sn-4g5ednsy.googlevideo.com	1 MB
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 338	2 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 391	4 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 991 trc.taboola.com — Cisco Umbrella Rank: 633 trc-events.taboola.com — Cisco Umbrella Rank: 1652	19 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832 in.hotjar.com — Cisco Umbrella Rank: 1585	67 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	489 B
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2032 tr.outbrain.com — Cisco Umbrella Rank: 1872	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 324	12 KB
3	buygoods.com display.buygoods.com — Cisco Umbrella Rank: 491080 tracking.buygoods.com — Cisco Umbrella Rank: 371196 www.buygoods.com — Cisco Umbrella Rank: 587015	8 KB
3	gstatic.com fonts.gstatic.com	46 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	5 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	490 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
2	marketingautomation.services koi-3qnszs13fy.marketingautomation.services	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	115 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4989	2 KB
2	zenithlabs.xyz zenithlabs.xyz	14 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 111	48 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4378	110 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 348	274 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 506	354 B
1	perfectaudience.com tag.perfectaudience.com — Cisco Umbrella Rank: 16000	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6117	501 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5985	232 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	86 KB
1	zenithlabs.com zenithlabs.com — Cisco Umbrella Rank: 855314	76 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671	21 KB
0	maropost.com Failed content.maropost.com Failed
131	35

	Domain	Requested by
21	d39ldsmboekjvi.cloudfront.net	visionhealthsupport.com
17	www.youtube.com	visionhealthsupport.com www.youtube.com
10	pixel-geo.prfct.co	6 redirects
8	d1dxl9bi1wmkcn.cloudfront.net	visionhealthsupport.com
8	fonts.googleapis.com	visionhealthsupport.com d39ldsmboekjvi.cloudfront.net zenithlabs.xyz
7	visionhealthsupport.com	visionhealthsupport.com ajax.googleapis.com
6	rr4---sn-4g5ednsy.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	secure.adnxs.com	3 redirects
3	www.facebook.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	trc-events.taboola.com	cdn.taboola.com
2	cm.g.doubleclick.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	www.google.com	www.youtube.com
2	tr.outbrain.com	amplify.outbrain.com
2	koi-3qnszs13fy.marketingautomation.services	visionhealthsupport.com koi-3qnszs13fy.marketingautomation.services
2	connect.facebook.net	visionhealthsupport.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dev.visualwebsiteoptimizer.com	visionhealthsupport.com
2	zenithlabs.xyz	visionhealthsupport.com zenithlabs.xyz
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	dnpstz0jclxjm.cloudfront.net
1	fast.wistia.com	ajax.googleapis.com
1	pixel.rubiconproject.com
1	us-u.openx.net
1	analytics.twitter.com
1	tag.perfectaudience.com	koi-3qnszs13fy.marketingautomation.services
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.hotjar.com	script.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	vars.hotjar.com	static.hotjar.com
1	amplify.outbrain.com	visionhealthsupport.com
1	cdn.taboola.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	pro.ip-api.com	d39ldsmboekjvi.cloudfront.net
1	www.buygoods.com
1	tracking.buygoods.com	visionhealthsupport.com
1	static.hotjar.com	visionhealthsupport.com
1	www.googletagmanager.com	visionhealthsupport.com
1	ajax.googleapis.com	visionhealthsupport.com
1	display.buygoods.com	visionhealthsupport.com
1	zenithlabs.com	d39ldsmboekjvi.cloudfront.net
1	maxcdn.bootstrapcdn.com	visionhealthsupport.com
0	content.maropost.com Failed	visionhealthsupport.com
131	50

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com
zenithlabs.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.zenithlabs.com E1	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.marketingautomation.services GlobalSign RSA OV SSL CA 2018	`2022-06-03` - `2023-07-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-05` - `2023-02-06`	a year	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-24` - `2022-08-02`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://visionhealthsupport.com/
Frame ID: 3C0CFC5D17FB429E70CC04C8662BE629
Requests: 98 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: D9CF664B053AF367EF47C9B9B3A4C01F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
Frame ID: 0697BA93E425685482934ADA99E5D442
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vision 20 - Official Website

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class="[^"]*(?:uk-container|uk-section)
uikit.*\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

93 %
HTTPS

57 %
IPv6

35
Domains

50
Subdomains

47
IPs

6
Countries

5163 kB
Transfer

9086 kB
Size

39
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buygoods.com/secure/?sessid2=sessid20220608061316660&aff_id=8039&account_id=5405&screen=checkout_vision&product_codename=vision20_goo20_main_3&redirect=aHR0cHM6Ly9WaXNpb25IZWFsdGhTdXBwb3J0LmNvbS91MS0yNDEv
Title: Add to Order!

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/?sessid2=sessid20220608061316660&aff_id=8039&account_id=5405&screen=checkout_vision&product_codename=vision20_goo20_main_1&redirect=aHR0cHM6Ly9WaXNpb25IZWFsdGhTdXBwb3J0LmNvbS91MS0yNDEv
Title: Add to Order!

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/?sessid2=sessid20220608061316660&aff_id=8039&account_id=5405&screen=checkout_vision&product_codename=vision20_goo20_main_6&redirect=aHR0cHM6Ly9WaXNpb25IZWFsdGhTdXBwb3J0LmNvbS91MS0yNDEv
Title: Add to Order!

Search URL Search Domain Scan URL

URL: https://zenithlabs.com/jv/affiliates/
Title: Affiliates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://pixel-geo.prfct.co/tagjs?a_id=165245&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=165245&source=js_tag

Request Chain 81

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202206%7C62a03df4ffb144735d6ed63c%26pid%3Dpa_Zil3TF5mBb5mOOrpN HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=2398620527080118440&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN

Request Chain 82

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Zil3TF5mBb5mOOrpN

Request Chain 83

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1&verify=true

Request Chain 84

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Zil3TF5mBb5mOOrpN

Request Chain 85

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Zil3TF5mBb5mOOrpN

Request Chain 86

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWmlsM1RGNW1CYjVtT09ycE4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWmlsM1RGNW1CYjVtT09ycE4&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 88

https://secure.adnxs.com/seg?t=2&add=26585915 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D26585915

131 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
visionhealthsupport.com/ 21 KB
7 KB 378ms
266ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ceeb108d9e245e9875d7be9e20f61d653a069b33e24d3deae228c917b06f2cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 717f7ac8693f9b94-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 06:13:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8pEzCl4MXRzocRfnQGcHu%2ByQkO5ofk0pBYICahChOL04NJfVaXcGYpFkGmJa2CoznaADr72%2FBImKPufRKDfVLx%2B32p1EQaZ2sNGbYZtvnb5hYIyX6o0ix5lxz8HHOdP6C2xs8xFYedMxXRsX3iyjmYD%2BcgwSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
21 KB 124ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 8595614
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"2f624089c65f12185e79925bc5a7fc42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 441a5c346e6138207e493340368ec0b9
cf-ray: 717f7aca9f829171-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
visionhealthsupport.com/index-assets/css/ 21 KB
6 KB 264ms
263ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visionhealthsupport.com/index-assets/css/style.min.css
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2c70b103749bbd9791429072b37b00f5fa07181977ba012c69038be2986ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 May 2020 19:49:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxCgvdQdidlavRwB6mh1sOF0pfFbSkIngLDd0G7Ev34YogcExFWnIOXEaDjIFgmyCbj4PeG5JrAtP7rdSkTifFoslYk3pLPiGfburKVCQ04yCxztEd0jk55cuc5pthZnPtv2eDHWgy7YDIdqitPbY0KZxmNgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 717f7aca1cd09b94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 08 Jul 2022 06:13:06 GMT

GET
H2 200 global.css
d39ldsmboekjvi.cloudfront.net/css/ 22 KB
5 KB 138ms
43ms Stylesheet
text/css 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39ldsmboekjvi.cloudfront.net/css/global.css
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 118cac6e4d60f11f0cf8a5ed911fd41047d7591a176f9eaa261df65ef98c6553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:04:05 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 15:08:24 GMT
server: AmazonS3
age: 83342
etag: W/"3a101abb9bbb9161565a7f6d5cd1c3b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: YR5aCl6Iw3hFXxODrmXbahPIc8fEAHy.
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: text/css
x-amz-cf-id: DbvzvRA7egnW4kY07qsEchO3MCMXVt8GFd5ro9305do_Q3AchNmBGg==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f9667f65fc5b852ce86f4f3b6df2b7775925fa0b582ce45ec6a181a9cd19c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:09:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H2 200 uikit_zenith_sites.min.css
d39ldsmboekjvi.cloudfront.net/css/ 143 KB
25 KB 215ms
121ms Stylesheet
text/css 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39ldsmboekjvi.cloudfront.net/css/uikit_zenith_sites.min.css
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e02972174a4118b70436ce04878407ef114ad45dfdd6ed4565e71c097c418c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 20:32:48 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 03:17:18 GMT
server: AmazonS3
age: 34819
etag: W/"6853ae4412008f70273d886c74b67620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: _HKPpEwAsMNv0XXqow8.nmAjUMc5R0mm
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: text/css
x-amz-cf-id: mZ6XUiPX0YXxID1RYnTF87QNFuJM_-1ohdlv5OgKoQAzFwTd-kEPKg==

GET
H2 200 icon-sound-white-left.png
d39ldsmboekjvi.cloudfront.net/images/ 3 KB
3 KB 201ms
123ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/icon-sound-white-left.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 104d58ef6836f59af39cc368ca44d02ee5d24e96f4c66f9381a7a8d61fbeb23a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: XEnvvJY0CwpW_iyy4sEwFQNxvWcegx7T
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 17:19:56 GMT
server: AmazonS3
age: 19796
etag: "2860a46a929a34328b4dc8eea3a3158e"
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 08 Jun 2022 00:43:11 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 2661
x-amz-cf-id: 6JBesGZLjK1lihhzTW7NSTCHkBXrnjzUb88JAVwDZXUCAwZpOXqxew==

GET
H2 200 icon-sound-white-right.png
d39ldsmboekjvi.cloudfront.net/images/ 3 KB
3 KB 193ms
116ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/icon-sound-white-right.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12156f127aa113789157e9b4483c5d0b01bb51d9031e73abd6e215acffc239c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 06:55:12 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 17:19:57 GMT
server: AmazonS3
age: 83875
etag: "27b267cd24c371af1af4ccaca426fbe9"
x-cache: Hit from cloudfront
x-amz-version-id: 0FyhwOPLOoO5MLYAuQErRoheLdO2d.O3
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 2711
x-amz-cf-id: avqAGilQT9rLzhNBpqpVYX06d6LwVJM8zIy8fHFH9CRlgWX-JJasLg==

GET
H2 200 cboverlay.jpg
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 586 KB
587 KB 607ms
514ms Image
image/jpeg 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/cboverlay.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ad34b360b0c44510fbb0aa14a052a571fd7b401f9ff114ebc4283b9cf3feb52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Tue, 12 May 2020 17:30:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "bcd6fce852fd98d8d201b7c792f937fe"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 599573
x-amz-cf-id: 3hm2P3a0iY7g_qyfWc9-ZF3u-TyKGMbwofoGfDMV6-duT6SIIof5xA==

GET
H2 200 dr-ryan-shelton.png
d39ldsmboekjvi.cloudfront.net/images/ 76 KB
76 KB 129ms
53ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/dr-ryan-shelton.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2f4bb52429ce2bbe04f32c60fd6f6ff9f0a785bf9abb0d3e5529504f247d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 06:55:12 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 02:58:07 GMT
server: AmazonS3
age: 83875
etag: "2eedbec81b07802678e17a462d3840ef"
x-cache: Hit from cloudfront
x-amz-version-id: KY_fosChUjvreADt9xHMUrckclyt4cBt
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 77512
x-amz-cf-id: 1p73TDXIFn1ibKrCCMcXVwQYl4pIJSMoHnKt2sQLRIlzFU_OZNZfJw==

GET
H2 200 dr-ryan-shelton-overlay.png
d39ldsmboekjvi.cloudfront.net/images/ 12 KB
13 KB 203ms
126ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/dr-ryan-shelton-overlay.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b45a61b6311dfb0b72551f2a1f5eca1b372b14f46c0c96830b15c95aaf388e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: LBbNwy_30csW1HuPkd6YbyClMjReAbFh
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Tue, 20 Nov 2018 01:46:02 GMT
server: AmazonS3
age: 19796
etag: "446ef616ec92d84ced503824ce0bc3ed"
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 08 Jun 2022 00:43:11 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 12678
x-amz-cf-id: yk-L4ewhoLkIYS3gmJkMGFZMCfhF7NykUFD48OH-Hy1RLSbLHXVNAQ==
x-amz-meta-s3b-last-modified: 20181120T014554Z

GET
H2 200 3pack.jpg
d39ldsmboekjvi.cloudfront.net/images/products/vision20/ 40 KB
40 KB 99ms
98ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/products/vision20/3pack.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 194cb69271d893fbd927108b9972de33600d339d2c9332c21a78bf22c2167556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:38:17 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 19:02:05 GMT
server: AmazonS3
age: 70490
etag: "cd3978b37b638cd79435c8b3460199cc"
x-cache: Hit from cloudfront
x-amz-version-id: uuV3V5enYfi4smpCSFVzXrZFSDUOxCaf
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41006
x-amz-cf-id: akhhDYsSDTubmsQ_lQcfhQu450L-fL6mtay2gkrkJNjTjIo6eiPHOA==

GET
H2 200 credit-card-icons.png
d39ldsmboekjvi.cloudfront.net/images/ 40 KB
40 KB 167ms
166ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/credit-card-icons.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef887236c76fd7bdc9569ebcb6ef29cdc26665cf434ddbe2f53bd0a951c82e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: oQuxlmnU8cmfF0JZpftczL02bDDo2VKK
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Tue, 20 Nov 2018 17:38:17 GMT
server: AmazonS3
age: 27748
etag: "181466e4a7ad68649bdb69c7f05e746a"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 07 Jun 2022 22:30:38 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 40927
x-amz-cf-id: OipHEEa3RbTy-_IwoWjnXAGYB-8365R603N5KAehYgci3jjcffetOg==
x-amz-meta-s3b-last-modified: 20181120T173745Z

GET
H2 200 dom_shipping.jpg
d39ldsmboekjvi.cloudfront.net/images/ 12 KB
13 KB 109ms
108ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/dom_shipping.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c512a3512d845b648eec688471d5923214b616fdc4882f8abec8646e3902a0ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: cNTz2UbHTrSLuSXE2Yz.I4d6sl2ZRimW
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 14:26:09 GMT
server: AmazonS3
age: 84908
etag: "4e32fad7018b42789465d31e94e7d0bf"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 07 Jun 2022 06:37:59 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 12736
x-amz-cf-id: TSuV1vGEIJa3v-nYIZj_RzA3shUyZTu6pJCKg2oBlsXlLFpD0YIZoA==

GET
H2 200 intl_shipping.jpg
d39ldsmboekjvi.cloudfront.net/images/ 13 KB
13 KB 146ms
145ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/intl_shipping.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 885845a9670614c0b8dbbf100d2ba0378921667178048afdb42b19d43d2c10ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: gtN4o4onoB33_wgnNK9VywPUIf4t56l_
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 22:22:54 GMT
server: AmazonS3
age: 13028
etag: "436cfd316279d6abfa9b81feecc0b4aa"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Wed, 08 Jun 2022 06:13:06 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 13304
x-amz-cf-id: 0QqcV5Os7iixUqbeCK8QC2bNbB8m96YIRUIJAlE_QsSZ8_6x11uoIg==

GET
H2 200 1pack.jpg
d39ldsmboekjvi.cloudfront.net/images/products/vision20/ 34 KB
34 KB 150ms
149ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/products/vision20/1pack.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebaa3e324569894c27796dd279e6fa899162d869084d3d9893d8260a22e3e363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: kLmpf7pFq4brIJQFBxCoWCQdGkGlsTL2
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 19:02:04 GMT
server: AmazonS3
age: 408
etag: "0a46d0edd93466dfc76b33392a0a3d1b"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Wed, 08 Jun 2022 06:13:06 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 34678
x-amz-cf-id: VtsSCEcIgiZc3iBS4trhmv3w_DVi0r0dVK9884iL7O4stTODhsxG2g==

GET
H2 200 6pack.jpg
d39ldsmboekjvi.cloudfront.net/images/products/vision20/ 44 KB
45 KB 129ms
128ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/products/vision20/6pack.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5929d0cbf06fb25f8d13c25374fe3ae2bfd1d9b8173abf585520c4f1c07ac94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: dPENdRl1sKWm28u7a5qdn51r9FuD3q9W
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 19:02:01 GMT
server: AmazonS3
age: 408
etag: "f578f6514abcde2a51d3bff97eea3aa8"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Wed, 08 Jun 2022 06:13:06 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 45297
x-amz-cf-id: QIl4DRwQU8moWLTnS2qML2_X4n06G8BhxJdv3Df_QP0ojqUyqc0pWA==

GET
H2 200 free_shipping.jpg
d39ldsmboekjvi.cloudfront.net/images/ 10 KB
11 KB 124ms
123ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/free_shipping.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80d7edf7a24031f445afc6c4056014fc7cd5f368105f485bdb79d73d0e251baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 06:37:59 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 22:22:53 GMT
server: AmazonS3
age: 84908
etag: "8f282f99e63923648fbd6ca73d74936e"
x-cache: Hit from cloudfront
x-amz-version-id: An62LR9YAH_31xHq_1rq6WDy7.kEpoCN
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10538
x-amz-cf-id: amXy6Dk41IT28VWdKpFZBOwTtYloIw1m7zHTFaapvQQ6tyMI2wOblQ==

GET
H2 200 vision20_label.jpg
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 318 KB
319 KB 526ms
434ms Image
image/jpeg 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/vision20_label.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e0f772e1be5ee08fcb5e4857cf5a64e4a791dc3fecd895ae76ba2e7ecee180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 17:07:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "ef3b6cd01adf64d69b9b4c8033d6c58c"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 325724
x-amz-cf-id: ZBuBUeG1YcMbTylQr5X8dEWitLEdgJvwBfE2903xj-JrwuC8_xYV5w==

GET
H2 200 quotation.png
visionhealthsupport.com/index-assets/images/ 4 KB
5 KB 258ms
257ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visionhealthsupport.com/index-assets/images/quotation.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f4784a7f6c245b18964132eec4bd16639969fe76fa976159471c619e89ffddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Sep 2018 19:37:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Dot2GrMUF%2FYXBG1413JSjOhZ4cjgs23zMNOMJKAkHSnqwMDyD3%2FriXPlh%2BRFk9MpYRw4bwhy4j%2BJfikVDwxC4CygvoEecxzc3z1CJjqdqAuM3pB1LQp1j9oG00eOwsFT7fIKmI%2F6%2BZBX5NnecNoLTjxTUj0UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 717f7aca3d0d9b94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4488
expires: Thu, 08 Jun 2023 06:13:06 GMT

GET
H2 200 certified-vision.png
d39ldsmboekjvi.cloudfront.net/images/ 13 KB
13 KB 142ms
141ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/certified-vision.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae12c94f9d26ae791c4b27d2045df90397fffc491215eae7e47349b63640faa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: F6b3V2Cd6MHhXMajkIjGxcMBfdbsiuL7
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Feb 2021 17:18:02 GMT
server: AmazonS3
age: 408
etag: "def42f15d56b4ea141413d30fef52467"
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 08 Jun 2022 06:13:06 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 12806
x-amz-cf-id: E3zNj0Hs9rbwKH0UDjU_E-xovzTZk8PZXUW3UOmglrM_wzizUIz4XA==

GET
H2 200 email-decode.min.js Show response
visionhealthsupport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 43ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visionhealthsupport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 16:41:14 GMT
server: cloudflare
etag: W/"629796aa-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EcZX85DK8%2FJ9OeKk76t%2B9W7mF4ETWSSgA4HKisQ1UcHTBXg66pc9MoyAX6BLht1b9TLc4jIWA1mywv483UH06pJDH4nng9gp3NdFbIjpN%2FExVO55edPTt%2BmvMZLj%2FonaVMDSQjtWvqq7YOBrFfEHi1HcRb8Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 717f7aca3d0b9b94-FRA
vary: Accept-Encoding
expires: Fri, 10 Jun 2022 06:13:06 GMT

GET
H2 200 rocket-loader.min.js Show response
visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 43ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 16:41:14 GMT
server: cloudflare
etag: W/"629796aa-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQsD%2BqLRemHlMkE%2F0YK1nmpEcEJeyWk5nFegi7m7lS4a5Q%2BHta4f1ZaqQ4lNHHqJ%2F3qmvH%2F%2BPE4RekGZkr80%2BaGEPkP1rgBAjFmJuRlVj443yKuTNvgu3uwdOq%2FpviJW05huwYJ7rTU9lk5CVoNHlIYrGMR2Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 717f7aca3d109b94-FRA
vary: Accept-Encoding
expires: Fri, 10 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 16 KB
1 KB 125ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/css/global.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b4299b11549a1ac3b939d55f7366bc2d77f4c70c57f96bf6383e5a3e1eea1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d39ldsmboekjvi.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 06:13:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 7 KB
633 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,500,600,700

Requested by

Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/css/uikit_zenith_sites.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddf4e5e63c47e5bf5ac84ed972d39aadb987fe549b4f84736b0de99ffdf49f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d39ldsmboekjvi.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 06:01:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/css/uikit_zenith_sites.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d39ldsmboekjvi.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:20:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
440 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Condensed

Requested by

Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/css/uikit_zenith_sites.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a27b183464b79759086b458880584b6b08b9643b2f545575431c5fc3c1b8efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d39ldsmboekjvi.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 04:59:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
523 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/index-assets/css/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d61b5e3047f8aa364bc6ea9b1a41a337d280aaa8dae27e298e1c39b5c6842804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:32:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
564 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/index-assets/css/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1667467452b365cc17fe59b7a0d20cfd0565b58a50cd36ce26f4e3720cfe51d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 06:13:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:06 GMT

GET
H2 200 bg-main.jpg
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 43 KB
44 KB 48ms
48ms Image
image/jpeg 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/bg-main.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/index-assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d229d32f11615d1fba7f8b7e215ab660e26caad16614274ac9e22f9eaf1e701a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:38:17 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Tue, 12 May 2020 17:09:52 GMT
server: AmazonS3
age: 70490
etag: "00babcf637a1208fafc4ec0b4b7f1b25"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 44383
x-amz-cf-id: N4p0PbsqX2mH18GsX-Og0tmKFvUw0tYHFae6PzBszhgbCHgSkNZvRw==

GET
H2 200 fontawesome-webfont.woff2
zenithlabs.com/fonts/ 75 KB
76 KB 797ms
699ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zenithlabs.com/fonts/fontawesome-webfont.woff2
Requested by: Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/css/uikit_zenith_sites.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://d39ldsmboekjvi.cloudfront.net/
Origin: https://visionhealthsupport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
pragma: public
last-modified: Sat, 26 Aug 2017 14:42:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3b5chrl4%2ByVsZ%2FffZzdOgCdk94B1dmCm4rKh6zZ594ZjCp9bTgHzpRp4D4BZya9UlYRm1hGNIAfb4RbmfgeGuUXsY3kZPCTVN59Pr3slIvsuHJpLB8T5kvlCn7KdZxpKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 717f7accb9d89255-FRA
expires: Sun, 07 Aug 2022 06:13:07 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
13 KB 120ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://visionhealthsupport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 47078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:28 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v48/ 17 KB
18 KB 128ms
45ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://visionhealthsupport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:18:01 GMT
x-content-type-options: nosniff
age: 140105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 15:18:01 GMT

GET dbeabc932710235225c9234c23d94a23a0498d91-v2.js
content.maropost.com/uploads/1273/websites/18/ 0
0

GET
H2 200 no_right_click_protection.js Show response
d39ldsmboekjvi.cloudfront.net/js/ 7 KB
3 KB 45ms
40ms Script
application/javascript 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39ldsmboekjvi.cloudfront.net/js/no_right_click_protection.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9fa462febec6d5da92cfcee5764a767fe8139c88ae92506d4401f5f45289e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:04:05 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 19:09:08 GMT
server: AmazonS3
age: 83342
etag: W/"a44a8a190e8438a6b33f4d1360161a2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: O1qbEEEfyvlyDuno_9mMZaCIHL3bkxyH
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: IfjUtkKXFBH6m_fJfGCk-tIwlOHqM3WHbyEp3pJ7rr0Fc9MwT5jddg==

GET
H2 200 disclaimer Show response
display.buygoods.com/v1/ 1 KB
2 KB 306ms
216ms Script
text/plain 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=5405

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
cf-ray: 717f7accccdb6969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 global.js Show response
d39ldsmboekjvi.cloudfront.net/js/ 1 KB
1 KB 47ms
44ms Script
application/javascript 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39ldsmboekjvi.cloudfront.net/js/global.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4360ccbff7458d10887161022740b4d65e62387d29b35803f21d09e4ded655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: bmHLfsPez_HWSYfR3Krj0Af.V9ixTXJx
content-encoding: gzip
last-modified: Wed, 04 Mar 2020 20:38:43 GMT
server: AmazonS3
age: 19796
etag: W/"0a1b6db2892f7f2acd5fef15f9fe3468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
date: Wed, 08 Jun 2022 00:43:11 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: y60l9bZ5RaWjTH6Gs-aheryldVQ-2MuVUsHBBL6xSs8gKdRSS06cnQ==

GET
H2 200 script.js Show response
zenithlabs.xyz/_testimonials/js/ 14 KB
5 KB 358ms
263ms Script
application/javascript 2606:4700:3033::6815:4e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zenithlabs.xyz/_testimonials/js/script.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e913db16b5e04bb3bd01d3ca685eec2fc9f302717a926003e12801028f92e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Sep 2021 19:23:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z92OHvjTJF33FVwSQTA%2Bee8%2FRb9mcEt9M6eITZeb9bdrH3VcmQMS%2BtJVAtbPKRg5C914dukIugbanPgb4f%2BVk2A2zedqdzzcUiieYDUzyYKeejoUsunfLHv15YYe2%2B2QRn2Ibn4MXoRHN4zlAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 717f7accda0b9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 uikit.min.js Show response
d39ldsmboekjvi.cloudfront.net/js/ 55 KB
15 KB 62ms
59ms Script
application/javascript 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39ldsmboekjvi.cloudfront.net/js/uikit.min.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72944f66a86377daa1b8b235d618e54b2d16d68e317753b92f5d91622036ae95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 20:32:48 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 17:01:36 GMT
server: AmazonS3
age: 34819
etag: W/"7d5fe4c07a56cabb6623989b12727944"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Nk8TGea4D_nJH.nfnk1wgk357ewDgvvj
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: wtJBdqygn2Vi3h1_asTOfWuVQjBoF5cfQiL6NFBVrs0WUEnP5qnH2w==

GET
H3 200 jquery.validate.min.js Show response
visionhealthsupport.com/index-assets/js/ 22 KB
8 KB 273ms
271ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visionhealthsupport.com/index-assets/js/jquery.validate.min.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Nov 2017 20:32:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNJcNjDaOvSycui86yUjBjKs55b7vSHm0qEy%2Bs7AE26lHuAAY5DS6gXuyB2w3hBSA8eEwy%2FUaoZBkGqYk7YSHEBNiaYNHwy4uausqSIuejhuI5pIt6IHVBBibFW%2BpcSuPP%2FC7nnEzSnpKb4nRgFZ8fLDKLZXag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 717f7acc4cca9280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 08 Jul 2022 06:13:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 00:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 00:21:42 GMT

GET
H2 200 crushing.png
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 16 KB
16 KB 69ms
67ms Image
image/png 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/crushing.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4ff99aeefc62eadd99fea6f1f0c9ac75bc999e99c4922a02701edb4b1182cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:06 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Sat, 01 Dec 2018 12:51:59 GMT
server: AmazonS3
age: 70490
etag: "cbb64699d28578fefcb855e79cde6488"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 16207
x-amz-cf-id: MS5KIOI2TKEOiZnU8P8-OjBw-fsWRqerh9huuo32irSdJVC3qj3LGg==
x-amz-meta-s3b-last-modified: 20181201T122918Z

GET
H2 200 hair-popup1.jpg
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 22 KB
22 KB 424ms
421ms Image
image/jpeg 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/hair-popup1.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b07497bd681d11c7b574d0d583ed4029fb2bdda9e2badade944e378032c8286e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Sat, 01 Dec 2018 12:52:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "a6dbbfb28d1816061f63c0155b4c141b"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 22394
x-amz-cf-id: p_cvOcBA0R1TRoZoZWMfocpXeAcYOqQLBUzDPF88mLmqE4A_yReCRg==
x-amz-meta-s3b-last-modified: 20181201T122918Z

GET
H2 200 radiobox-active.png
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 2 KB
2 KB 62ms
60ms Image
image/png 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/radiobox-active.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ed2acbb9a0a89699c94a6623eebedef0ee4a5c4534c33fa8ff82d37b10036f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:38:17 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Sat, 01 Dec 2018 12:52:00 GMT
server: AmazonS3
age: 70490
etag: "84a4824e04c160b756efe6e2100d3e9f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 1935
x-amz-cf-id: ug3t5DPCTUrCb7AGMWfxyCUw5MsscpAI_AKpJIXuPsO2WvDOllSn-w==
x-amz-meta-s3b-last-modified: 20181201T122919Z

GET
H2 200 radiobox-inactive.png
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 2 KB
2 KB 437ms
436ms Image
image/png 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/radiobox-inactive.png
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c993f7f40dc714844a41bf75cfbbb5f10c9856155ac056a8bed83706df669594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Sat, 01 Dec 2018 12:52:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "d82d988d6157d223284b4b4edbf087f8"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1563
x-amz-cf-id: a19P5Qvskv98tdm-R3ijHRzKYXyASqWe-jNX4yowmuOS44ZEnZNkbQ==
x-amz-meta-s3b-last-modified: 20181201T122919Z

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 145ms
61ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=231917&u=https%3A%2F%2Fvisionhealthsupport.com%2F&r=0.8634367176513937
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c90de06c7d3ef430bffba3f221e78e6ef71d74827593e825d8f195ec2274aa27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
86 KB 153ms
69ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2031ea7fe98a9a21d69d617af02a21e0280d547c11a323477fe31c63c3fb3e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87317
x-xss-protection: 0
expires: Wed, 08 Jun 2022 06:13:07 GMT

GET
H2 200 hotjar-1424034.js Show response
static.hotjar.com/c/ 4 KB
2 KB 181ms
71ms Script
application/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1424034.js?sv=6

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-21.dus51.r.cloudfront.net

Software

Resource Hash

edff243d55d3fb3f2dd5db37bc999911eed45fd58987b4717cc42b023e1d8daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/8bd057ff59bcfa5493a2f8a21c1c7ec9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: UoZXBLYca4y-MWZkmuaR1NeQWnf78_W0ulY7jS0WZLHSEt0iIKXOzA==
via: 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)

GET
H2 200 logo_vitamin_angels.png
d39ldsmboekjvi.cloudfront.net/images/ 12 KB
13 KB 43ms
43ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/logo_vitamin_angels.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b4394abaeaee8b62be442b567fd9cf0759d17af0a90353962fe9e50c72daf51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:04:06 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Tue, 03 Mar 2020 18:35:37 GMT
server: AmazonS3
age: 83342
etag: "267abba3ee756561fc089a385784366c"
x-cache: Hit from cloudfront
x-amz-version-id: OuKUrtD6HwXd0PmjkmylxPJLJBcyapi.
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 12686
x-amz-cf-id: MT27cveTzdQWsnhrBo555_Y2B-u7wTcbvMTKXe_1KxoarqDiLWA9KA==

GET
H2 200 vitamin-angels-vsl-lfsl.jpg
d39ldsmboekjvi.cloudfront.net/images/ 359 KB
360 KB 48ms
47ms Image
image/jpeg 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/vitamin-angels-vsl-lfsl.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d28c0dd1d6d509daf8e3333f4ae83e732d9a95ee1986bed993cbed2a18e370cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:54:18 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Wed, 04 Mar 2020 18:14:10 GMT
server: AmazonS3
age: 80330
etag: "0d6852179e829463aa3d4f0f118e5f53"
x-cache: Hit from cloudfront
x-amz-version-id: oc2xwqc8xIVaaxoh4kVHs4xY1OdBLDGp
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 367952
x-amz-cf-id: jm_67kJou4mJCb6Fs6vrO1pxlKWqIg7R64ei85J_FwtLxMK8Fe108w==

GET
H2 200 / Show response
tracking.buygoods.com/track/ 5 KB
2 KB 509ms
395ms Script
application/javascript 2606:4700:3108::ac42:2b16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.buygoods.com/track/?a=5405&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=vision20_goo20_main_1,vision20_goo20_main_3,vision20_goo20_main_6&caller_url=https%3A%2F%2Fvisionhealthsupport.com%2F
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea95f5e9942d0583e8c8531eb86596a26ad2412cc07ac25f9661e0ef1defe2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 717f7ad22f219061-FRA
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, Jan 12 1999 01:01:01 GMT

GET
H2 200 buygoods_black.png
www.buygoods.com/images/ 4 KB
5 KB 165ms
53ms Image
image/webp 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buygoods.com/images/buygoods_black.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
cf-cache-status: HIT
age: 60459
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4492
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
server: cloudflare
etag: "59b77ee8-257c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 05 Jun 2032 06:13:07 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 717f7ad22ee26969-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 77 B
232 B 124ms
38ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=status,message,countryCode,regionName&key=5vWn1Ta5eS1fVrD
Requested by: Host: d39ldsmboekjvi.cloudfront.net
URL: https://d39ldsmboekjvi.cloudfront.net/js/no_right_click_protection.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 5f28b06fa94028b476117573cfe6658f60a9f02effe3c76d17699aa7caa0f5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 08 Jun 2022 06:13:07 GMT
Content-Length: 77
Content-Type: application/json; charset=utf-8

GET
H2 200 / Show response
zenithlabs.xyz/_testimonials/view/ 33 KB
9 KB 437ms
308ms Fetch
application/json 2606:4700:3033::6815:4e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zenithlabs.xyz/_testimonials/view/?site_id=1
Requested by: Host: zenithlabs.xyz
URL: https://zenithlabs.xyz/_testimonials/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1553611722b52b62568961a1852c5c773e31cd8ef86afabbe721af88dd050798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8rN5C9TzdhaS5WvmxIe8w6Jr16aFyZPNcE4idecUYq2sIn5KigjFQYPvTeyXX3iERgdcou06GHA63KPDrygPuBCdHG%2FqrWVHRKfGf6Y3Z6i5xguInIm1LsbJyPen2x7PdKRVE20Wz8Ku5yESw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 717f7ad25a6c9280-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 166ms
125ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=231917&d=visionhealthsupport.com&u=D51C9BA69D32037D427175ADC731924A2&h=aa1789e71da9bdc60dd82960fea75697&t=false&r=0.7099422698354092

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 modules.e20d55506f3679282458.js Show response
script.hotjar.com/ 243 KB
63 KB 129ms
45ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e20d55506f3679282458.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1424034.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154021
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64038
access-control-allow-origin: *
last-modified: Mon, 06 Jun 2022 11:25:40 GMT
etag: "1318b31283773d19556416b861d6cbe8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2iQv-pKOunxoRdx0VSr7DbLP0lHb3KI2txNd11F-UGb2vsvNn_VCxg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2301
date: Wed, 08 Jun 2022 05:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Jun 2022 07:34:46 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1270828/ 55 KB
17 KB 121ms
38ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76b9193753c1e1240e4d9560c421d04e0848163ac2b5489ae6070e001f96b210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: .Abig1Eo3dzFPs4uuydOfD.acf8Vzq3H
content-encoding: gzip
etag: "e9dce67a562b5318f2c0676131ded5a4"
age: 85
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17385
x-amz-id-2: 6cOa6YyZibgYtNN/OYwSGGhPio7gu2MmvKwfVHvmgXe2NRnniTx8URN+AXnRQ2EXUf3Da7JyLVk=
x-served-by: cache-hhn4076-HHN
last-modified: Sun, 05 Jun 2022 11:19:21 GMT
server: AmazonS3
x-timer: S1654668788.763891,VS0,VE1
date: Wed, 08 Jun 2022 06:13:07 GMT
vary: Accept-Encoding
x-amz-request-id: CRG7BH44YVJYE35N
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 58
x-cache-hits: 1

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 155ms
61ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B6AB1B7C3E84BA3A7EE89BB6E3D5DA6 Ref B: FRAEDGE1213 Ref C: 2022-06-08T06:13:07Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 08 Jun 2022 06:13:07 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 114ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: 0vhERPSH0dXif6ey9gwK2jC7hfQfnmhLW2/4XZfrrjzPW/KHD72HGmr9W3GbQMBgnwMJVVHE73tKSMjrEV+YpQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Wed, 08 Jun 2022 06:13:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 166ms
50ms Script
application/x-javascript 88.221.18.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.18.62 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-18-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 06:13:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 08 Jun 2022 06:33:07 GMT

GET
H2 200 ss.js Show response
koi-3qnszs13fy.marketingautomation.services/client/ 12 KB
5 KB 282ms
145ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnszs13fy.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.240.178.107.bc.googleusercontent.com
Software: openresty /
Resource Hash: 926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 15:11:17 GMT
server: openresty
etag: W/"62978195-2fc8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=604800, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Jun 2022 06:13:07 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame D9CF 2 KB
1 KB 119ms
37ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1424034.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-28.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://visionhealthsupport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 686341
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-id: LgAI53IfMxnizwCoFDTB7PBzxbDHJg-8La7Vg2Xc13URJU6_YE0EPA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
44ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=776311235&t=pageview&_s=1&dl=https%3A%2F%2Fvisionhealthsupport.com%2F&dr=&ul=en-us&de=UTF-8&dt=Vision%2020%20-%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1571874057&gjid=1077080935&cid=993817833.1654668788&tid=UA-156185630-1&_gid=1957050272.1654668788&_r=1&gtm=2wg660N3HNC48&z=1342452081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://visionhealthsupport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://visionhealthsupport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1270828/trc/3/ 2 KB
1 KB 63ms
62ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1270828/trc/3/json?tim=1654668787820&data=%7B%22id%22%3A935%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1654668787816%2C%22cv%22%3A%2220220602-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fvisionhealthsupport.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzenithlabs-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1654668787819%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fvisionhealthsupport.com%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A96%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ee9f917e45aba6af346fad92f4fc5384550dc76725ecb529085efc12b93fd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Wed, 08 Jun 2022 06:13:07 GMT
content-encoding: gzip
server: nginx
x-timer: S1654668788.840017,VS0,VE26
x-served-by: cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1424034/ 147 B
322 B 244ms
60ms XHR
application/json 54.171.41.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1424034/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e20d55506f3679282458.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.41.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-41-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer: https://visionhealthsupport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 08 Jun 2022 06:13:08 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 2933385093392789 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 360ms
322ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2933385093392789?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a8019c8ddb481ee1e0be2569ad4390215889eb58c26438b648a76bb072223fc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uOw1r/mvrJds8oLPYLBcVT6QgcKxRupjtyirc3ReUTFVD+jkMJEtTZa47AMcNZzN3hcmmWipHidwBSYPFUFx3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 06:13:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654668788178
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 56323860.js Show response
bat.bing.com/p/action/ 0
136 B 193ms
193ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56323860.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F5909288209466C80DAFF0C369B99D0 Ref B: FRAEDGE1213 Ref C: 2022-06-08T06:13:07Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 08 Jun 2022 06:13:07 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 63ms
63ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56323860&tm=gtm002&Ver=2&mid=4a3c5318-b696-4466-a0cf-d4306023ced9&sid=10b52ec0e6f211eca924d3baa91f9f5d&vid=10b562e0e6f211eca57d5990d0312d13&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vision%2020%20-%20Official%20Website&p=https%3A%2F%2Fvisionhealthsupport.com%2F&r=&lt=1544&evt=pageLoad&msclkid=N&sv=1&rn=433187

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C51566A2F154FE582B37CEE3418151E Ref B: FRAEDGE1213 Ref C: 2022-06-08T06:13:07Z
date: Wed, 08 Jun 2022 06:13:07 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 461ms
115ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=006a8dc9da81ab08022e55b61fb875da32
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 06:13:08 GMT
content-encoding: gzip
X-TraceId: 92ec106543bb2bcdcc3a49953d9f59a3
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 475ms
118ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=006a8dc9da81ab08022e55b61fb875da32&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fvisionhealthsupport.com%2F&optOut=false&bust=013079833568334798
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 06:13:08 GMT
Cache-Control: no-cache
X-TraceId: 9a63b8170920fef48ea7dc99215b8399
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 141ms
47ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-156185630-1&cid=993817833.1654668788&jid=1571874057&gjid=1077080935&_gid=1957050272.1654668788&_u=YGBACEAABAAAAC~&z=388344085

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://visionhealthsupport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Jun 2022 06:13:08 GMT
content-type: text/plain
access-control-allow-origin: https://visionhealthsupport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 koi Show response
koi-3qnszs13fy.marketingautomation.services/ 148 B
176 B 242ms
203ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnszs13fy.marketingautomation.services/koi?rf=&hn=visionhealthsupport.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1654668787954&ac=KOI-4J9611AUYW&ts=1654668788&pt=0&pl=0&loc=https%3A%2F%2Fvisionhealthsupport.com%2F&tp=page&ti=Vision%2020%20-%20Official%20Website

Requested by

Host: koi-3qnszs13fy.marketingautomation.services
URL: https://koi-3qnszs13fy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.240.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

c11d90734dca0592d678f298e013f0d179bd4db7c5bc9a27d5d95e9c105456f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:08 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 08 Jun 2022 06:13:08 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-5b9bcb5959-h9s9c
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
407 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900&display=swap

Requested by

Host: zenithlabs.xyz
URL: https://zenithlabs.xyz/_testimonials/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c49e6c1e7b0c11085fa47361af94b0a69ab485c41ad01f347e5139c9582ca56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:46:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 06:13:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 06:13:07 GMT

GET
H2 200 testimonials_real_people_real_results.png
d39ldsmboekjvi.cloudfront.net/images/ 88 KB
88 KB 44ms
44ms Image
image/png 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/testimonials_real_people_real_results.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6aff7810136271105ab2c807f1e6d624a49904dee9206c41ad07ae5c5fe4f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:04:06 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
last-modified: Mon, 03 May 2021 16:15:52 GMT
server: AmazonS3
age: 83341
etag: "56b78c68a45c2bd964a2e2df7bfaa493"
x-cache: Hit from cloudfront
x-amz-version-id: Svrofxew.CxAJZiIXYwYP0EvIWvxTEWX
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 89998
x-amz-cf-id: 3Rn2GqPn8IACFb8sNfDA2U6G2M1AKFXVpnwIvcmiS3u4rt-aAz4Zgw==

GET
H2 200 verified-buyer.svg
d39ldsmboekjvi.cloudfront.net/images/ 1 KB
1 KB 40ms
40ms Image
image/svg+xml 2600:9000:224a:cc00:1a:70ff:e780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39ldsmboekjvi.cloudfront.net/images/verified-buyer.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:cc00:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a844a99992d25a7b1f58ecb3784325ae5f9d8f22fc1c5b390eba2457485c919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:04:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:56:43 GMT
server: AmazonS3
age: 83341
etag: W/"e77287b71241ba8e06b56ed233bbc0cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: p_xHlXAtcWZ3rqhR0u8jpfTwEazkXjVf
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: FXy1BySEG4HzusHTdOHH4OKppSAOezeVY-Ago0Sta7iGfNazGWpSFQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-156185630-1&cid=993817833.1654668788&jid=1571874057&_u=YGBACEAABAAAAC~&z=1530352664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 132ms
49ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-156185630-1&cid=993817833.1654668788&jid=1571874057&_u=YGBACEAABAAAAC~&z=1530352664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 60a4c0fe1e0282e3f4000028.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 317ms
220ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/60a4c0fe1e0282e3f4000028.js

Requested by

Host: koi-3qnszs13fy.marketingautomation.services
URL: https://koi-3qnszs13fy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

352ac404507df02fc3bcf5639af55776502e27ddaa880fd9d44032e5db0d2014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:08 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 0
x-served-by: cache-hhn4081-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1654668788.315030,VS0,VE184
content-length: 3945
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 115ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933385093392789&ev=PageView&dl=https%3A%2F%2Fvisionhealthsupport.com%2F&rl=&if=false&ts=1654668788326&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654668788324.810203410&it=1654668787838&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 06:13:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 115ms
39ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933385093392789&ev=ViewContent&dl=https%3A%2F%2Fvisionhealthsupport.com%2F&rl=&if=false&ts=1654668788327&cd[content_type]=product_group&cd[content_ids]=EC-VISION20&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654668788324.810203410&it=1654668787838&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 06:13:08 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=165245&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=165245&source=js_tag

125 B
454 B

58ms
57ms

Script
text/javascript

52.48.130.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=165245&source=js_tag
Protocol: HTTP/1.1
Server: 52.48.130.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-130-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d512a7c3ccbbc6ce8174217a2e017a3bc87584338faa01be0c22ddb4e754476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=165245&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202206%7C62a03df4ffb144735d6ed63c%26pid%3Dpa_Zil3TF5mBb5mOOrpN
https://pixel-geo.prfct.co/usermap/?xid=2398620527080118440&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN

43 B
256 B

56ms
56ms

Image
image/gif

52.48.130.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=2398620527080118440&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN
Protocol: HTTP/1.1
Server: 52.48.130.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-130-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 06:13:09 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0cbe5b6b-dfc1-4946-946c-26d02c210502
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=2398620527080118440&sid=202206|62a03df4ffb144735d6ed63c&pid=pa_Zil3TF5mBb5mOOrpN
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Zil3TF5mBb5mOOrpN

43 B
354 B

230ms
147ms

Image
image/gif

104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Zil3TF5mBb5mOOrpN

Protocol

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 08 Jun 2022 06:13:08 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 400ed9aa2fd7cc713a8f71fd10abe64281cbc7fb2ec5255e97e8b5752532a5fb
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Zil3TF5mBb5mOOrpN
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1&verify=true

0
121 B

43ms
43ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Zil3TF5mBb5mOOrpN&_origin=1&verify=true
date: Wed, 08 Jun 2022 06:13:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Zil3TF5mBb5mOOrpN

43 B
274 B

140ms
57ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Zil3TF5mBb5mOOrpN
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:09 GMT
via: 1.1 google
server: OXGW/eecec1e
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Zil3TF5mBb5mOOrpN
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Zil3TF5mBb5mOOrpN

0
239 B

178ms
40ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Zil3TF5mBb5mOOrpN
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Zil3TF5mBb5mOOrpN
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWmlsM1RGNW1CYjVtT09ycE4
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWmlsM1RGNW1CYjVtT09ycE4&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

56ms
56ms

Image
image/gif

52.48.130.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Server: 52.48.130.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-130-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 243ms
132ms Image
image/gif 52.48.130.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=26585915&source=js_tag&a_id=165245
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.130.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-130-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=26585915
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D26585915

43 B
1 KB

69ms
68ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D26585915

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 06:13:09 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 776862f6-3820-41ba-bbab-cd204cc17b2b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 06:13:08 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 465a4786-c1f5-405f-bd7d-01deff04c90f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D26585915
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 video-embed-code-new.php Show response
visionhealthsupport.com/ 3 KB
2 KB 255ms
254ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visionhealthsupport.com/video-embed-code-new.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe83ee80d0551a7c349d483d8b7499e5ef2af696f172eac191991ba86f5bd20

Request headers

Accept: text/html, */*; q=0.01
Referer: https://visionhealthsupport.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkKV%2BAzCThm7Q59IJTUXMZo54hYJmw80a%2B2wliEA6QcO7YGDcuctjSZuYH%2FR0hgovtlT6MsnEdpnNI1jaKO86cp4sh3hISc509jgW3UiKiYYLEO5zejpA3%2B2bDBU6Vf45GBc6g%2BQ575PU7eXbOyifu2NjJ63Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 717f7adaecb89280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 596 KB
110 KB 128ms
40ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js?_=1654668787405

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee68d3fe6e95c3ca3adb8de966913bf8bd389898f22b89eb333cb6cdedb2922f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
content-encoding: br
vary: Accept-Encoding
age: 68
x-cache: HIT, HIT
content-length: 112525
x-served-by: cache-iad-kiad7000101-IAD, cache-fra19138-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Tue, 07 Jun 2022 18:46:24 GMT
x-timer: S1654668789.292591,VS0,VE0
etag: "629f9d00-1b78d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 18

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 140ms
57ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bffe67c0ec41d02b174b3dd9f24fa95302ad338ff49423e542627fd8c91d5547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Jun 2022 06:13:09 GMT

GET
H2 200 cboverlay.jpg
d1dxl9bi1wmkcn.cloudfront.net/vsl/ 586 KB
586 KB 39ms
39ms Image
image/jpeg 2600:9000:2251:bc00:9:19ed:21c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1dxl9bi1wmkcn.cloudfront.net/vsl/cboverlay.jpg
Requested by: Host: visionhealthsupport.com
URL: https://visionhealthsupport.com/index-assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:9:19ed:21c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ad34b360b0c44510fbb0aa14a052a571fd7b401f9ff114ebc4283b9cf3feb52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Tue, 12 May 2020 17:30:35 GMT
server: AmazonS3
age: 3
etag: "bcd6fce852fd98d8d201b7c792f937fe"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 599573
x-amz-cf-id: VStnLbx2sGZaQFj3LERX5QAk0MpIqqeWDNnhg4R8mawqASkT6NuB_A==

GET
H2 200 cover.png
dnpstz0jclxjm.cloudfront.net/vsl/ 139 B
500 B 152ms
55ms Image
image/png 2600:9000:223e:fe00:1c:af45:4480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnpstz0jclxjm.cloudfront.net/vsl/cover.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:fe00:1c:af45:4480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 256c9c7290f5e90592c66267d270ba06d4f66029b89acd89676eea8e39efe38b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:38:17 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified: Mon, 19 Nov 2018 19:58:17 GMT
server: AmazonS3
age: 70493
etag: "fb1af75ffc21e7243e0843fb32c3dff7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 139
x-amz-cf-id: k9nc7PtFSFF3P5qInJRxT2a3IFw4ymUhQrQA6RnYT4454eVjdM3ddA==
x-amz-meta-s3b-last-modified: 20181119T195143Z

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/966d033c/www-widgetapi.vflset/ 158 KB
51 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cafeda5705503ca6ff92919bd414affc6df1289ab44ffbc70edc404e386337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 04:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52344
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 04:57:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1270828/log/3/ 0
252 B 136ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=96&ssd=1&est=1654668787818&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1654668789371&vi=1654668787816&ri=ff5441edfec7e9100fee637e42c37674&ref=null&cv=20220602-7-RELEASE&item-url=https%3A%2F%2Fvisionhealthsupport.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://visionhealthsupport.com
pragma: no-cache
date: Wed, 08 Jun 2022 06:13:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 qlkFoHZioFo Show response
www.youtube.com/embed/ Frame 0697 64 KB
26 KB 80ms
80ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b435f2b342fda53e733d0837cd24d0d807b0cd309cd7069994de52a89d41f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://visionhealthsupport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 08 Jun 2022 06:13:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/966d033c/ Frame 0697 338 KB
46 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47569
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:04:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/966d033c/www-embed-player.vflset/ Frame 0697 303 KB
94 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a719bb03d9542b4a353a8587e81909f6237ba86b955cae4811bd946ee709c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95944
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:04:24 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/ Frame 0697 2 MB
532 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7519b29272b57354ea9b697d66e7bef95b87b96da000f60e249e68baa08e04d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 544672
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:04:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/966d033c/fetch-polyfill.vflset/ Frame 0697 9 KB
3 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:04:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0697 15 KB
15 KB 114ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 68104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Jun 2023 11:18:05 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 0697 113 B
723 B 128ms
45ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89b136874ce42e6ac7d221afb0de5dcff5703085abcad25ac34c00cf9a8fe81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0697 29 B
587 B 120ms
37ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:09:58 GMT
x-content-type-options: nosniff
age: 191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Jun 2022 06:24:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 77ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933385093392789&ev=Microdata&dl=https%3A%2F%2Fvisionhealthsupport.com%2F&rl=&if=false&ts=1654668789859&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Vision%2020%20-%20Official%20Website%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1654668788324.810203410&it=1654668787838&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 06:13:09 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 129ms
47ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 08 Jun 2022 06:13:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0697 62 KB
29 KB 134ms
53ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a61caf717fbe601091ab45911bca7c1dada203ef09fac2358aaf41d35b2bb4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29476
x-xss-protection: 0

GET
H3 200 B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js Show response
www.google.com/js/th/ Frame 0697 35 KB
13 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 19:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 210675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13609
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 19:41:54 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/ Frame 0697 27 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11bc4289af43fa4dd099e23420f302e64d72b47c6f99989c3eacb12d8db7ccd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8028
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:07:23 GMT

GET
DATA 200
OK truncated
/ Frame 0697 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLS0FGaVGr2nUZt3TIhRsixG2fcabbdn7kHLyD6j=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0697 2 KB
2 KB 283ms
198ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLS0FGaVGr2nUZt3TIhRsixG2fcabbdn7kHLyD6j=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5c741dfb91d5bf68f60d95e096b5c169eb9bed03007cb4e7fbc0cf2714b9085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1925
x-xss-protection: 0
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 May 2022 21:32:08 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/qlkFoHZioFo/ Frame 0697 48 KB
48 KB 139ms
55ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/qlkFoHZioFo/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8608d7251d125d90dc3420573956beec36ac855d5e1e85fa6fbd7b9cbdd4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48730
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Jun 2022 08:13:10 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 0697 62 KB
21 KB 117ms
117ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

70401156bc111c09aa0838e0f035ee6e6403f9bd50a53e4d7856d9590aad6643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220605.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-Goog-Visitor-Id: CgsyUzhhVjBjd3ZwZyj1-4CVBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21118
x-xss-protection: 0
expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0697 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Nc4T9A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 0697 0
19 B 47ms
47ms Ping
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=y318ADU3E8gNdM42&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24135692%2C24167177%2C24169501%2C24199710%2C24209320%2C24222953&cl=453096331&seq=1&docid=qlkFoHZioFo&ei=9j2gYsHtAqPJ8gPv4JfoCg&event=streamingstats&plid=AAXg6Zl0Ii2rH9R8&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqlkFoHZioFo%3Fautoplay%3D0%26controls%3D0%26playsinline%3D1%26modestbranding%3D1%26fs%3D0%26mute%3D1%26loop%3D1%26rel%3D0%26showinfo%3D0%26origin%3Dhttps%253A%252F%252Fvisionhealthsupport.com%26enablejsapi%3D1%26widgetid%3D1&cbr=Chrome&cbrver=102.0.5005.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220605.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.138:B,0.138:B&cmt=0.009:0.000,0.138:0.000&afs=0.138:251::i&vfs=0.138:244:244::r&view=0.138:850:478&bwe=0.138:130000&bat=0.138:1:1&vis=0.138:0&bh=0.138:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 205 KB
206 KB 172ms
55ms Fetch
video/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsy.googlevideo.com/videoplayback?expire=1654690390&ei=9j2gYsHtAqPJ8gPv4JfoCg&ip=2a01%3A4a0%3A1338%3A92%3A%3A6&id=o-ALgmxv-k21xPAydh5kjIkVkG2AKN7-eOI3X16vrCcgh8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=IZ&mm=31%2C26&mn=sn-4g5ednsy%2Csn-h0jeener&ms=au%2Conr&mv=u&mvi=4&pl=52&spc=4ocVC0SacpfKJOZRqPfThyvPJtZWEB0&vprv=1&mime=video%2Fwebm&ns=IfjvKTll0AURz6qn4SqttMIG&gir=yes&clen=170423521&dur=3576.633&lmt=1646818746295030&mt=1654667530&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=4432434&n=jN2GQ2vv15UxVw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALe2PwJlurozS4KQW3U6dUrOzU-BQmAi1f1u0xuDJG0yAiEA8ZDQov7Wzj6hD89jR3wwPwe5SgODRYhp6d0zh7oO1RM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgBCe2kFo0MODzFZ6QpI7dtcNFCw3wy3GIHk725A-shAkCIHeocF-PtHyLzPp0f9Qb9wKdYnwS6w7w7x0rn87w-_Cx&alr=yes&cpn=y318ADU3E8gNdM42&cver=1.20220605.00.00&range=0-209980&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b0f8bed3100d636c1d50cf0c47894c1d7262f251d5f74f3f0bf5aa4fe4c402bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 06:13:10 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 209981
Last-Modified: Wed, 09 Mar 2022 09:39:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 70 KB
71 KB 155ms
39ms Fetch
audio/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsy.googlevideo.com/videoplayback?expire=1654690390&ei=9j2gYsHtAqPJ8gPv4JfoCg&ip=2a01%3A4a0%3A1338%3A92%3A%3A6&id=o-ALgmxv-k21xPAydh5kjIkVkG2AKN7-eOI3X16vrCcgh8&itag=251&source=youtube&requiressl=yes&mh=IZ&mm=31%2C26&mn=sn-4g5ednsy%2Csn-h0jeener&ms=au%2Conr&mv=u&mvi=4&pl=52&spc=4ocVC0SacpfKJOZRqPfThyvPJtZWEB0&vprv=1&mime=audio%2Fwebm&ns=IfjvKTll0AURz6qn4SqttMIG&gir=yes&clen=62180536&dur=3576.661&lmt=1646810174282902&mt=1654667530&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=4432434&n=jN2GQ2vv15UxVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgeU-73rVakvOPCLE_bOcE9NTOcq9ioVyQJqPKDDszNNMCIQCs1G1grv8PVxD2YoVCw-1tiA_-C2mQYdVpFJFy09ndoA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgBCe2kFo0MODzFZ6QpI7dtcNFCw3wy3GIHk725A-shAkCIHeocF-PtHyLzPp0f9Qb9wKdYnwS6w7w7x0rn87w-_Cx&alr=yes&cpn=y318ADU3E8gNdM42&cver=1.20220605.00.00&range=0-72145&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

98cee7dd4d0f3bc7944dab6dd3db10f32c3590c23afe85d2a3526f664e3e087c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 06:13:10 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 72146
Last-Modified: Wed, 09 Mar 2022 07:16:14 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/ Frame 0697 64 KB
24 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae932c67defb2bfb24cd3823515d40fb440da79b664c1108e3751847eec59895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24375
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:09:39 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/ Frame 0697 27 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8916c3dcd8e195161037a597364986729ccabf106a7c68d1ab81d3498fcfd205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Jun 2023 17:09:39 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 0697 6 KB
2 KB 203ms
203ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

36205024de61984198541583e672b9f22be3dc0ff6d9d185fb4b25158f374661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220605.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-Goog-Visitor-Id: CgsyUzhhVjBjd3ZwZyj1-4CVBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1852
x-xss-protection: 0
expires: Wed, 08 Jun 2022 06:13:10 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0697 98 B
142 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7d4002fe2cda63a8eb86e42a0f3166bad4c554af24c2eee8b648bbd5e08993a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
45ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 08 Jun 2022 06:13:10 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 AKedOLS0FGaVGr2nUZt3TIhRsixG2fcabbdn7kHLyD6j=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0697 3 KB
3 KB 132ms
55ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLS0FGaVGr2nUZt3TIhRsixG2fcabbdn7kHLyD6j=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

437b2f0b469445314df4bb88dd8732787a9a81c8dffd65053ef649c5e25dcae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2842
x-xss-protection: 0
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 May 2022 02:03:37 GMT

GET
H3 200 videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 193 KB
193 KB 81ms
39ms Fetch
video/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4d44305953996d7b07e0a30f012325f20eb1971b59996d152580393f910e3f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197278
client-protocol: quic
last-modified: Wed, 09 Mar 2022 09:39:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame 0697 0
17 B 48ms
46ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=y318ADU3E8gNdM42&ver=2&cmt=0.054&fmt=244&fs=0&rt=0.505&euri=https%3A%2F%2Fvisionhealthsupport.com%2F&lact=649&cl=453096331&mos=1&volume=100&cbr=Chrome&cbrver=102.0.5005.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220605.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=3576.661&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24135692%2C24167177%2C24169501%2C24199710%2C24209320%2C24222953&rtn=11&afmt=251&size=850%3A478&inview=0&muted=1&docid=qlkFoHZioFo&ei=9j2gYsHtAqPJ8gPv4JfoCg&plid=AAXg6Zl0Ii2rH9R8&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqlkFoHZioFo%3Fautoplay%3D0%26controls%3D0%26playsinline%3D1%26modestbranding%3D1%26fs%3D0%26mute%3D1%26loop%3D1%26rel%3D0%26showinfo%3D0%26origin%3Dhttps%253A%252F%252Fvisionhealthsupport.com%26enablejsapi%3D1%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdCYjVKSDNXWmdwdGNZcVMxLUtJVjZ0am40U1htLTZueVhVeVJPajdfN0l1QWJSQVBta0tETGZ3WE1sV2ppUExOODVxN1UwSHNaQ0Z3dzg3dFdJQnNGMDc0ODVpalRSaktadTBrUjktWXpkaTBkcWttSTVxbHFuVmVybDdDYnlPZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame 0697 0
20 B 46ms
45ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=qlkFoHZioFo&cpn=y318ADU3E8gNdM42&ei=9j2gYsHtAqPJ8gPv4JfoCg&ptk=youtube_none&pltype=contentugc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 64 KB
64 KB 38ms
38ms Fetch
audio/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsy.googlevideo.com/videoplayback?expire=1654690390&ei=9j2gYsHtAqPJ8gPv4JfoCg&ip=2a01%3A4a0%3A1338%3A92%3A%3A6&id=o-ALgmxv-k21xPAydh5kjIkVkG2AKN7-eOI3X16vrCcgh8&itag=251&source=youtube&requiressl=yes&mh=IZ&mm=31%2C26&mn=sn-4g5ednsy%2Csn-h0jeener&ms=au%2Conr&mv=u&mvi=4&pl=52&spc=4ocVC0SacpfKJOZRqPfThyvPJtZWEB0&vprv=1&mime=audio%2Fwebm&ns=IfjvKTll0AURz6qn4SqttMIG&gir=yes&clen=62180536&dur=3576.661&lmt=1646810174282902&mt=1654667530&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=4432434&n=jN2GQ2vv15UxVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgeU-73rVakvOPCLE_bOcE9NTOcq9ioVyQJqPKDDszNNMCIQCs1G1grv8PVxD2YoVCw-1tiA_-C2mQYdVpFJFy09ndoA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgBCe2kFo0MODzFZ6QpI7dtcNFCw3wy3GIHk725A-shAkCIHeocF-PtHyLzPp0f9Qb9wKdYnwS6w7w7x0rn87w-_Cx&alr=yes&cpn=y318ADU3E8gNdM42&cver=1.20220605.00.00&range=72146-137681&rn=4&rbuf=3690&pot=GpsBCm6SzHRcF73-a0wqnt6068e8F0ihR98fWmXJNV9aEIoylpF-bbukPLrJx7wUUzkCTi6Zg1nDMv87Q4trKtkbtkhqIi4qpJEnu66tHI0Qur8UJyhD0-UwDgs3YQ_ndvcwvyIpVRaJpSMSBBipAqRaZhIpATwYQQ7y4H0e3F3OL6IWrcynJgW32lrvabZA52-1U_jaBhYCjJJe33k=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

87dd4bccd4183e845fcc8dd3ca1cb8837a257bf71e4b4fd76cf2c9f5ab32fa92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Wed, 09 Mar 2022 07:16:14 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H3 200 videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 502 KB
502 KB 45ms
45ms Fetch
video/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b71820aaca0c43cd591d33b444e2a958bb479ded3eaebbcbe1d1805a2420227e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513776
client-protocol: quic
last-modified: Wed, 09 Mar 2022 09:39:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 08 Jun 2022 06:13:10 GMT

GET
H3 200 videoplayback Show response
rr4---sn-4g5ednsy.googlevideo.com/ Frame 0697 139 KB
139 KB 38ms
38ms Fetch
audio/webm 2a00:1450:4001::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsy.googlevideo.com/videoplayback?expire=1654690390&ei=9j2gYsHtAqPJ8gPv4JfoCg&ip=2a01%3A4a0%3A1338%3A92%3A%3A6&id=o-ALgmxv-k21xPAydh5kjIkVkG2AKN7-eOI3X16vrCcgh8&itag=251&source=youtube&requiressl=yes&mh=IZ&mm=31%2C26&mn=sn-4g5ednsy%2Csn-h0jeener&ms=au%2Conr&mv=u&mvi=4&pl=52&spc=4ocVC0SacpfKJOZRqPfThyvPJtZWEB0&vprv=1&mime=audio%2Fwebm&ns=IfjvKTll0AURz6qn4SqttMIG&gir=yes&clen=62180536&dur=3576.661&lmt=1646810174282902&mt=1654667530&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=4432434&n=jN2GQ2vv15UxVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgeU-73rVakvOPCLE_bOcE9NTOcq9ioVyQJqPKDDszNNMCIQCs1G1grv8PVxD2YoVCw-1tiA_-C2mQYdVpFJFy09ndoA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgBCe2kFo0MODzFZ6QpI7dtcNFCw3wy3GIHk725A-shAkCIHeocF-PtHyLzPp0f9Qb9wKdYnwS6w7w7x0rn87w-_Cx&alr=yes&cpn=y318ADU3E8gNdM42&cver=1.20220605.00.00&range=137682-279758&rn=6&rbuf=7381&pot=GpsBCm6SzHRcF73-a0wqnt6068e8F0ihR98fWmXJNV9aEIoylpF-bbukPLrJx7wUUzkCTi6Zg1nDMv87Q4trKtkbtkhqIi4qpJEnu66tHI0Qur8UJyhD0-UwDgs3YQ_ndvcwvyIpVRaJpSMSBBipAqRaZhIpATwYQQ7y4H0e3F3OL6IWrcynJgW32lrvabZA52-1U_jaBhYCjJJe33k=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5323231a97e923ed59f8b2538f5833190af290635ed13a42f4daaf693be3dabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:13:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142077
client-protocol: quic
last-modified: Wed, 09 Mar 2022 07:16:14 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Jun 2022 06:13:10 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0697 28 B
55 B 59ms
57ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/966d033c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qlkFoHZioFo?autoplay=0&controls=0&playsinline=1&modestbranding=1&fs=0&mute=1&loop=1&rel=0&showinfo=0&origin=https%3A%2F%2Fvisionhealthsupport.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20220605.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsyUzhhVjBjd3ZwZyj1-4CVBg%3D%3D
X-YouTube-Ad-Signals: dt=1654668789726&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C850%2C478&vis=1&wgl=true&ca_type=image&bid=ANyPxKoje1ZZhTXJ3WAbxS2tmJvmraADhLsQG4Okb9h8gVgozQcWsGEjSml0BmxsZcQATw3jnu28uOwYSqhuVtMUhYuWe-FF3Q

Response headers

date: Wed, 08 Jun 2022 06:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 08 Jun 2022 06:13:12 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1270828/log/3/ 0
251 B 42ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=96&ssd=1&est=1654668787818&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1654668792374&vi=1654668787816&ri=ff5441edfec7e9100fee637e42c37674&ref=null&cv=20220602-7-RELEASE&item-url=https%3A%2F%2Fvisionhealthsupport.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visionhealthsupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://visionhealthsupport.com
pragma: no-cache
date: Wed, 08 Jun 2022 06:13:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content.maropost.com
URL: https://content.maropost.com/uploads/1273/websites/18/dbeabc932710235225c9234c23d94a23a0498d91-v2.js

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
visionhealthsupport.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 24a26f9400eaf662d8e1352c73362eec
.visionhealthsupport.com/	1970-01-20 12:24:51	Name: _vwo_uuid_v2 Value: D51C9BA69D32037D427175ADC731924A2\|aa1789e71da9bdc60dd82960fea75697
.visionhealthsupport.com/	1970-01-20 05:47:24	Name: _gcl_au Value: 1.1.84289701.1654668788
.visionhealthsupport.com/	1970-01-20 21:09:00	Name: _ga Value: GA1.2.993817833.1654668788
.visionhealthsupport.com/	1970-01-20 03:39:15	Name: _gid Value: GA1.2.1957050272.1654668788
.visionhealthsupport.com/	1970-01-20 03:37:48	Name: _gat_UA-156185630-1 Value: 1
.bing.com/	1970-01-20 12:59:24	Name: MUID Value: 2FABB531C34064B80B82A48CC2926576
.visionhealthsupport.com/	1970-01-20 12:23:24	Name: _hjSessionUser_1424034 Value: eyJpZCI6ImRjNjQwNzAwLWYyZDAtNTkxOS04OGJjLTE3Njc4NDJkMWYzYyIsImNyZWF0ZWQiOjE2NTQ2Njg3ODc3OTAsImV4aXN0aW5nIjpmYWxzZX0=
.visionhealthsupport.com/	1970-01-20 03:37:50	Name: _hjFirstSeen Value: 1
visionhealthsupport.com/	1970-01-20 03:37:48	Name: _hjIncludedInSessionSample Value: 0
.visionhealthsupport.com/	1970-01-20 03:37:50	Name: _hjSession_1424034 Value: eyJpZCI6IjY2MmQyOWExLWI3NTAtNDhjNC04M2NiLTNlYmY3ZTBjYzAwZCIsImNyZWF0ZWQiOjE2NTQ2Njg3ODc4MjcsImluU2FtcGxlIjpmYWxzZX0=
visionhealthsupport.com/	1970-01-20 03:37:48	Name: _hjIncludedInPageviewSample Value: 1
.visionhealthsupport.com/	1970-01-20 03:37:50	Name: _hjAbsoluteSessionInProgress Value: 0
.visionhealthsupport.com/	1970-01-20 03:39:15	Name: _uetsid Value: 10b52ec0e6f211eca924d3baa91f9f5d
.visionhealthsupport.com/	1970-01-20 12:59:24	Name: _uetvid Value: 10b562e0e6f211eca57d5990d0312d13
.visionhealthsupport.com/	1970-01-20 05:47:24	Name: sessid2 Value: sessid20220608061316660
.visionhealthsupport.com/	1970-01-20 05:47:24	Name: spi_funnel_codename Value:
.visionhealthsupport.com/	1970-01-20 05:47:24	Name: referrer Value: 2a01:4a0:1338:92::6::visionhealthsupport.com
visionhealthsupport.com/	1970-01-20 03:39:15	Name: __ss Value: 1654668787954
visionhealthsupport.com/	1970-01-20 03:37:52	Name: __ss_referrer Value: https%3A//visionhealthsupport.com/
.marketingautomation.services/	1970-01-23 19:13:48	Name: koitk Value: 202206%7C62a03df4ffb144735d6ed63c
visionhealthsupport.com/	1970-01-29 06:37:48	Name: __ss_tk Value: 202206%7C62a03df4ffb144735d6ed63c
visionhealthsupport.com/	1970-01-20 03:37:49	Name: outbrain_cid_fetch Value: true
.visionhealthsupport.com/	1970-01-20 05:47:24	Name: _fbp Value: fb.1.1654668788324.810203410
.prfct.co/	1970-01-20 21:09:00	Name: pa_uid Value: pa_Zil3TF5mBb5mOOrpN
.prfct.co/	1970-01-20 21:09:00	Name: pa_twitter_ts Value: 1654668788869
.prfct.co/	1970-01-20 21:09:00	Name: pa_yahoo_ts Value: 1654668788927
.prfct.co/	1970-01-20 21:09:00	Name: pa_openx_ts Value: 1654668788973
.prfct.co/	1970-01-20 21:09:00	Name: pa_rubicon_ts Value: 1654668788973
.prfct.co/	1970-01-20 21:09:00	Name: pa_google_ts Value: 1654668788979
.adnxs.com/	1970-01-20 05:47:24	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In<LkLVx!@wnf-Te9(>wL5L!!'_[$nK`d
.adnxs.com/	1970-01-20 05:47:24	Name: uuid2 Value: 6877520143499207807
.yahoo.com/	1970-01-20 12:23:46	Name: A3 Value: d=AQABBPU9oGICEMmaJrhneAJz6O-5xNN4hn0FEgEBAQGPoWKqYgAAAAAA_eMAAA&S=AQAAAg3S5G4nwTkxcdEBR7iVrcU
.twitter.com/	1970-01-20 21:09:00	Name: personalization_id Value: "v1_RGQ2TEckI0pkHRNy8yVsvg=="
.analytics.yahoo.com/	1970-01-20 12:23:24	Name: IDSYNC Value: 18z4~25c6
.doubleclick.net/	1970-01-20 12:59:24	Name: IDE Value: AHWqTUmIzZt6y1kXb5aBelDyFUsDQLwcAr7pFJ1g6BJlQjGU8dVDRP7BvFHclyCIaXI
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kqNFrtJtRNM
.youtube.com/	1970-01-20 07:57:00	Name: VISITOR_INFO1_LIVE Value: 2S8aV0cwvpg
visionhealthsupport.com/	1970-01-20 04:21:00	Name: vfl_2020a Value: set

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://content.maropost.com/uploads/1273/websites/18/dbeabc932710235225c9234c23d94a23a0498d91-v2.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
analytics.twitter.com
bat.bing.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
content.maropost.com
d1dxl9bi1wmkcn.cloudfront.net
d39ldsmboekjvi.cloudfront.net
dev.visualwebsiteoptimizer.com
display.buygoods.com
dnpstz0jclxjm.cloudfront.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
jnn-pa.googleapis.com
koi-3qnszs13fy.marketingautomation.services
maxcdn.bootstrapcdn.com
pixel-geo.prfct.co
pixel.rubiconproject.com
pro.ip-api.com
rr4---sn-4g5ednsy.googlevideo.com
script.hotjar.com
secure.adnxs.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tag.perfectaudience.com
tr.outbrain.com
tracking.buygoods.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
visionhealthsupport.com
www.buygoods.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
zenithlabs.com
zenithlabs.xyz
content.maropost.com
104.244.42.195
107.178.240.224
108.157.4.21
141.226.228.48
142.250.181.226
151.101.130.217
151.101.65.44
18.66.139.28
185.33.221.11
188.114.97.3
2600:9000:223e:fe00:1c:af45:4480:21
2600:9000:224a:cc00:1a:70ff:e780:21
2600:9000:2251:bc00:9:19ed:21c0:21
2606:4700:3033::6815:4e02
2606:4700:3108::ac42:2b16
2606:4700:3108::ac42:2b73
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2016
2a00:1450:4001:813::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001::9
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
2a06:98c1:3121::3
3.126.56.137
34.96.102.137
35.244.159.8
51.77.64.70
52.222.236.43
52.48.130.160
54.171.41.113
64.202.112.31
69.173.144.165
88.221.18.62
075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8
0ad34b360b0c44510fbb0aa14a052a571fd7b401f9ff114ebc4283b9cf3feb52
0c49e6c1e7b0c11085fa47361af94b0a69ab485c41ad01f347e5139c9582ca56
0cafeda5705503ca6ff92919bd414affc6df1289ab44ffbc70edc404e386337b
104d58ef6836f59af39cc368ca44d02ee5d24e96f4c66f9381a7a8d61fbeb23a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118cac6e4d60f11f0cf8a5ed911fd41047d7591a176f9eaa261df65ef98c6553
11bc4289af43fa4dd099e23420f302e64d72b47c6f99989c3eacb12d8db7ccd3
12156f127aa113789157e9b4483c5d0b01bb51d9031e73abd6e215acffc239c4
1553611722b52b62568961a1852c5c773e31cd8ef86afabbe721af88dd050798
1667467452b365cc17fe59b7a0d20cfd0565b58a50cd36ce26f4e3720cfe51d6
194cb69271d893fbd927108b9972de33600d339d2c9332c21a78bf22c2167556
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ee9f917e45aba6af346fad92f4fc5384550dc76725ecb529085efc12b93fd5d
2031ea7fe98a9a21d69d617af02a21e0280d547c11a323477fe31c63c3fb3e50
256c9c7290f5e90592c66267d270ba06d4f66029b89acd89676eea8e39efe38b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e4360ccbff7458d10887161022740b4d65e62387d29b35803f21d09e4ded655
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
352ac404507df02fc3bcf5639af55776502e27ddaa880fd9d44032e5db0d2014
36205024de61984198541583e672b9f22be3dc0ff6d9d185fb4b25158f374661
37e0f772e1be5ee08fcb5e4857cf5a64e4a791dc3fecd895ae76ba2e7ecee180
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
437b2f0b469445314df4bb88dd8732787a9a81c8dffd65053ef649c5e25dcae0
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b435f2b342fda53e733d0837cd24d0d807b0cd309cd7069994de52a89d41f4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
4d44305953996d7b07e0a30f012325f20eb1971b59996d152580393f910e3f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2f4bb52429ce2bbe04f32c60fd6f6ff9f0a785bf9abb0d3e5529504f247d38
4f4ff99aeefc62eadd99fea6f1f0c9ac75bc999e99c4922a02701edb4b1182cf
4f9667f65fc5b852ce86f4f3b6df2b7775925fa0b582ce45ec6a181a9cd19c59
5323231a97e923ed59f8b2538f5833190af290635ed13a42f4daaf693be3dabc
5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5f28b06fa94028b476117573cfe6658f60a9f02effe3c76d17699aa7caa0f5f3
5fe83ee80d0551a7c349d483d8b7499e5ef2af696f172eac191991ba86f5bd20
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a27b183464b79759086b458880584b6b08b9643b2f545575431c5fc3c1b8efe
6ed2acbb9a0a89699c94a6623eebedef0ee4a5c4534c33fa8ff82d37b10036f5
6f4784a7f6c245b18964132eec4bd16639969fe76fa976159471c619e89ffddf
70401156bc111c09aa0838e0f035ee6e6403f9bd50a53e4d7856d9590aad6643
72944f66a86377daa1b8b235d618e54b2d16d68e317753b92f5d91622036ae95
7519b29272b57354ea9b697d66e7bef95b87b96da000f60e249e68baa08e04d7
76b9193753c1e1240e4d9560c421d04e0848163ac2b5489ae6070e001f96b210
7a8019c8ddb481ee1e0be2569ad4390215889eb58c26438b648a76bb072223fc
7a844a99992d25a7b1f58ecb3784325ae5f9d8f22fc1c5b390eba2457485c919
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
80d7edf7a24031f445afc6c4056014fc7cd5f368105f485bdb79d73d0e251baa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87dd4bccd4183e845fcc8dd3ca1cb8837a257bf71e4b4fd76cf2c9f5ab32fa92
885845a9670614c0b8dbbf100d2ba0378921667178048afdb42b19d43d2c10ca
8916c3dcd8e195161037a597364986729ccabf106a7c68d1ab81d3498fcfd205
89b136874ce42e6ac7d221afb0de5dcff5703085abcad25ac34c00cf9a8fe81d
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b4394abaeaee8b62be442b567fd9cf0759d17af0a90353962fe9e50c72daf51
8d512a7c3ccbbc6ce8174217a2e017a3bc87584338faa01be0c22ddb4e754476
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0
98cee7dd4d0f3bc7944dab6dd3db10f32c3590c23afe85d2a3526f664e3e087c
9a2c70b103749bbd9791429072b37b00f5fa07181977ba012c69038be2986ba3
9b4299b11549a1ac3b939d55f7366bc2d77f4c70c57f96bf6383e5a3e1eea1cc
9ceeb108d9e245e9875d7be9e20f61d653a069b33e24d3deae228c917b06f2cc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a61caf717fbe601091ab45911bca7c1dada203ef09fac2358aaf41d35b2bb4e7
a719bb03d9542b4a353a8587e81909f6237ba86b955cae4811bd946ee709c06c
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae12c94f9d26ae791c4b27d2045df90397fffc491215eae7e47349b63640faa5
ae932c67defb2bfb24cd3823515d40fb440da79b664c1108e3751847eec59895
b07497bd681d11c7b574d0d583ed4029fb2bdda9e2badade944e378032c8286e
b0f8bed3100d636c1d50cf0c47894c1d7262f251d5f74f3f0bf5aa4fe4c402bb
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
b45a61b6311dfb0b72551f2a1f5eca1b372b14f46c0c96830b15c95aaf388e17
b4e913db16b5e04bb3bd01d3ca685eec2fc9f302717a926003e12801028f92e9
b6aff7810136271105ab2c807f1e6d624a49904dee9206c41ad07ae5c5fe4f44
b71820aaca0c43cd591d33b444e2a958bb479ded3eaebbcbe1d1805a2420227e
bffe67c0ec41d02b174b3dd9f24fa95302ad338ff49423e542627fd8c91d5547
c11d90734dca0592d678f298e013f0d179bd4db7c5bc9a27d5d95e9c105456f6
c512a3512d845b648eec688471d5923214b616fdc4882f8abec8646e3902a0ff
c7d4002fe2cda63a8eb86e42a0f3166bad4c554af24c2eee8b648bbd5e08993a
c90de06c7d3ef430bffba3f221e78e6ef71d74827593e825d8f195ec2274aa27
c993f7f40dc714844a41bf75cfbbb5f10c9856155ac056a8bed83706df669594
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d229d32f11615d1fba7f8b7e215ab660e26caad16614274ac9e22f9eaf1e701a
d28c0dd1d6d509daf8e3333f4ae83e732d9a95ee1986bed993cbed2a18e370cd
d5929d0cbf06fb25f8d13c25374fe3ae2bfd1d9b8173abf585520c4f1c07ac94
d5c741dfb91d5bf68f60d95e096b5c169eb9bed03007cb4e7fbc0cf2714b9085
d61b5e3047f8aa364bc6ea9b1a41a337d280aaa8dae27e298e1c39b5c6842804
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
ddf4e5e63c47e5bf5ac84ed972d39aadb987fe549b4f84736b0de99ffdf49f91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02972174a4118b70436ce04878407ef114ad45dfdd6ed4565e71c097c418c1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9fa462febec6d5da92cfcee5764a767fe8139c88ae92506d4401f5f45289e9e
ea95f5e9942d0583e8c8531eb86596a26ad2412cc07ac25f9661e0ef1defe2c0
ebaa3e324569894c27796dd279e6fa899162d869084d3d9893d8260a22e3e363
edff243d55d3fb3f2dd5db37bc999911eed45fd58987b4717cc42b023e1d8daf
ee68d3fe6e95c3ca3adb8de966913bf8bd389898f22b89eb333cb6cdedb2922f
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef887236c76fd7bdc9569ebcb6ef29cdc26665cf434ddbe2f53bd0a951c82e13
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
fb8608d7251d125d90dc3420573956beec36ac855d5e1e85fa6fbd7b9cbdd4ec

visionhealthsupport.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

93 %HTTPS

57 %IPv6

35 Domains

50 Subdomains

47 IPs

6 Countries

5163 kBTransfer

9086 kBSize

39 Cookies

4 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

visionhealthsupport.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

93 %
HTTPS

57 %
IPv6

35
Domains

50
Subdomains

47
IPs

6
Countries

5163 kB
Transfer

9086 kB
Size

39
Cookies

131 HTTP transactions
1 data transactions