urlscan.io logo urlscan.io
SecurityTrails logo

www.sightsciences.com Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sightsciences.com//
Effective URL: https://www.sightsciences.com/
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 87 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.sightsciences.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 8th 2024. Valid for: a year.
This is the only time www.sightsciences.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

54    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.sightsciences.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
maps.googleapis.com
11    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4005:800::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
54 sightsciences.com
www.sightsciences.com
366 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
302 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
308 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
259 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
993 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
maps.googleapis.com — Cisco Umbrella Rank: 445
79 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
910 B
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
303 B
87 10
Domain Requested by
54 www.sightsciences.com 1 redirects www.sightsciences.com
11 cdn.cookielaw.org www.sightsciences.com
cdn.cookielaw.org
4 www.googletagmanager.com www.sightsciences.com
www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 maps.googleapis.com www.sightsciences.com
maps.googleapis.com
2 www.google.com www.sightsciences.com
www.gstatic.com
1 www.google.de www.sightsciences.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fonts.googleapis.com www.sightsciences.com
87 14

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
*.sightsciences.com
Go Daddy Secure Certificate Authority - G2		 2024-07-08 -
2025-07-21		 a year crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google.de
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.sightsciences.com/
Frame ID: C57364F2877EBFAB511AA82AC7785759
Requests: 85 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVp_cbAAAAAAU4XCYrnVoAYX4qvk0a8gdztkPS&co=aHR0cHM6Ly93d3cuc2lnaHRzY2llbmNlcy5jb206NDQz&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y8sc1llgofb9
Frame ID: 8C536E02D020DC284949C88D9700FD0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sight Sciences

Page URL History Show full URLs

  1. http://www.sightsciences.com// HTTP 307
    https://www.sightsciences.com// HTTP 301
    https://www.sightsciences.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

87
Requests

98 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1338 kB
Transfer

3769 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sightsciences.com// HTTP 307
    https://www.sightsciences.com// HTTP 301
    https://www.sightsciences.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sightsciences.com/
Redirect Chain
  • http://www.sightsciences.com//
  • https://www.sightsciences.com//
  • https://www.sightsciences.com/
46 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
df9997ade749a1bd7854d38223a7299c2745cf73b5ecbb959e2e25d15246d40e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cd37a5e0be03614-FRA
content-encoding
br
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
content-type
text/html; charset=UTF-8
cross-origin-embedder-polic
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
date
Fri, 04 Oct 2024 07:32:26 GMT
link
<https://www.sightsciences.com/wp-json/>; rel="https://api.w.org/" <https://www.sightsciences.com/wp-json/wp/v2/pages/44>; rel="alternate"; title="JSON"; type="application/json" <https://www.sightsciences.com/>; rel=shortlink
permissions-policy
geolocation=self
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 11
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
WP Engine
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cd37a58de453614-FRA
content-type
text/html; charset=UTF-8
date
Fri, 04 Oct 2024 07:32:25 GMT
location
https://www.sightsciences.com/
server
cloudflare
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;700&family=Manrope:wght@200..800&display=swap
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1c8c013d47bcd45ea167961744f84ae87299896ba3e28cd0cf3d16fc17282a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 07:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 04 Oct 2024 07:32:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCE3AD1BDFE4B6
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
64607
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 13:35:39 GMT
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 13:13:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
22c02fad-e01e-0102-4b99-15d725000000
cf-ray
8cd37a5f7c7adb03-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7214
x-ms-blob-type
BlockBlob
server
cloudflare
style.min.css
www.sightsciences.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/css/dist/block-library/style.min.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e48d-1b723"
age
1212731
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:02:53 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f4d3b3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
styles.css
www.sightsciences.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.8
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e570-b4e"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d3c3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
wordpress_file_upload_style.css
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/ 		2 KB
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/wordpress_file_upload_style.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c758bb957c08751687dd5b1267d9e407cc7d955f495be53f9515a23f3981514
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-676"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d3e3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
wordpress_file_upload_style_safe.css
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/wordpress_file_upload_style_safe.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
504302cf002550392dfbe006fdae442970ebc7f8d44ba0b57730e73a2c131eb3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-11f4"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d403614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
wordpress_file_upload_adminbarstyle.css
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/ 		406 B
228 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/css/wordpress_file_upload_adminbarstyle.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41694e20441abd581bdcbd729731d8850c50dc9a27f864d81d25988eb244ed82
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-196"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d433614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery-ui.min.css
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/jquery-ui.min.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-7d52"
age
1379998
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d443614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery-ui-timepicker-addon.min.css
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/ 		2 KB
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3101026642c51ebeaf140425e23e9d543eca49d400f73acbd1b5be52178b1654
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-771"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d473614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
cookieblocker.min.css
www.sightsciences.com/wp-content/plugins/complianz-gdpr/assets/css/ 		3 KB
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=1717514210
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"665f2fe2-ade"
age
39690
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 04 Jun 2024 15:16:50 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d4b3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
main.css
www.sightsciences.com/wp-content/themes/sightsciences/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/main.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ef366db594a4ad108ea0788bc258a5c293857db4bd8902df88adc8c7d41473
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66ccf788-5284"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Mon, 26 Aug 2024 21:45:44 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d4e3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
bootstrap-grid.css
www.sightsciences.com/wp-content/themes/sightsciences/css/vendors/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/vendors/bootstrap-grid.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d75356eb7ef74d126747ebabc62ba775081d042fe743ae3b235554726cb82408
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-2a1d"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d513614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
style.min.css
www.sightsciences.com/wp-content/plugins/pojo-accessibility/assets/css/ 		51 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66277042-cc6d"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:24:34 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d593614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.sightsciences.com/wp-content/plugins/cf7-conditional-fields/ 		2 KB
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.15
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e56a-651"
age
140372
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:34 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d5b3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
timeme.min.js
www.sightsciences.com/wp-content/plugins/burst-statistics/helpers/timeme/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.7.1
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e560-1930"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:24 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda269189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
burst.min.js
www.sightsciences.com/wp-content/plugins/burst-statistics/assets/js/build/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.7.1
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd60048d61dd72e9846575e534dfcf5e5d5643a7fd0e61f0e659065038bfe99
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e560-1c83"
age
1367935
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:24 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda279189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
wordpress_file_upload_functions.js
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/js/ 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/js/wordpress_file_upload_functions.js?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d32fd1daff93541b10e0eb1b54b8d4d9f0c4d2d09a87536d9640b4ca403691
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-1a0dd"
age
18247
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d5d3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
www.sightsciences.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d603614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery-migrate.min.js
www.sightsciences.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6482bd64-3509"
age
18247
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d623614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
core.min.js
www.sightsciences.com/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e48e-53d8"
age
18247
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:02:54 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d663614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
datepicker.min.js
www.sightsciences.com/wp-includes/js/jquery/ui/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.3
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8299ff4f0a4f809995dbace583b14258b897eda6eb49b44d6cc58c9a755d68bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e48e-8f8c"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:02:54 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d683614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery-ui-timepicker-addon.min.js
www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/wordpress-file-upload-pro/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf6e101693261003024f15e62d081789a1ae71b9ba7ebfa9bf7a451275a9769
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e5a4-a1e5"
age
986123
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:07:32 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d6a3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
Vector.svg
www.sightsciences.com/wp-content/uploads/2024/04/ 		2 KB
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sightsciences.com/wp-content/uploads/2024/04/Vector.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f20ff5aeee34b0433c2757816fed996cef080cbcbb3f5137ec7f724aeef356f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fc9-762"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:33 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d6b3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
logo_light.svg
www.sightsciences.com/wp-content/uploads/2024/03/ 		18 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sightsciences.com/wp-content/uploads/2024/03/logo_light.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60591ca421a0aed3fc0312e09a44de76bc9f090cd2af631fe4ea3c768fd5082e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fc9-4852"
age
253065
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:33 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d6e3614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.sightsciences.com/wp-content/themes/sightsciences/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/style.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd0ee4c68084b61e38600aa77ffa0f23a3be7fe8c2aaa0a793db394ca2dd9bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-8dfd"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f5d723614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
sumoselect.min.css
www.sightsciences.com/wp-content/themes/sightsciences/css/vendors/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/vendors/sumoselect.min.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
485e7749145caabf11b46387575c451c70b63274407432ae2492f3c7fca03c8c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-1dbb"
age
1212730
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5f9db13614-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
form-style.css
www.sightsciences.com/wp-content/themes/sightsciences/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/form-style.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f38119efea773d48ee9e7d1efa01479cbf2f15ce205a759e72d921b30f5d2c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-221d"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fb9df9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
swiper-style.css
www.sightsciences.com/wp-content/themes/sightsciences/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/swiper-style.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b04f9673bcfc37d2289d0510852ab52922bc7a249fdd413d6d7f6dfe3cb21e0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-1426"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fb9e89189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.sightsciences.com/wp-content/themes/sightsciences/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/style.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc1175e23005eed96f40fb47d33247db2d38118a6780d1b49b012a9fdf86469
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66461742-25bb"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Thu, 16 May 2024 14:25:06 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fd9f89189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
accesibility.css
www.sightsciences.com/wp-content/themes/sightsciences/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/css/accesibility.css?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed43f579949da24beaa12f1fc47df194cc7b257bc1e7f4b0028950ee1971f0f0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fd0-472a"
age
39690
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fd9fa9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
hooks.min.js
www.sightsciences.com/wp-includes/js/dist/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65ba444c-10d3"
age
163074
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Wed, 31 Jan 2024 12:59:56 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fd9fc9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
i18n.min.js
www.sightsciences.com/wp-includes/js/dist/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65ce417b-23b5"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Thu, 15 Feb 2024 16:53:15 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda029189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.sightsciences.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.8
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e570-2cf9"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda049189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.sightsciences.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.8
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e570-346f"
age
18246
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda059189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
mouse.min.js
www.sightsciences.com/wp-includes/js/jquery/ui/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.3
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36adc07db49e73c3fd3aeb4234d270725f07719706dd28dfc09657f2cffe9d6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e48e-d64"
age
78220
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:02:54 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda089189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
slider.min.js
www.sightsciences.com/wp-includes/js/jquery/ui/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.3
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b268266af74b5c0834e2a519303ca97c5427c5fb7abb3b89ad29e07664be14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e48e-2a07"
age
18246
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:02:54 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda0a9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
app.min.js
www.sightsciences.com/wp-content/plugins/pojo-accessibility/assets/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66277042-14c1"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:24:34 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda0b9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
scripts.js
www.sightsciences.com/wp-content/plugins/cf7-conditional-fields/js/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.15
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9957da6d164b0b4b42b6d62f6c26a33e2a56eab39b75624ed64da31e9c9ccd37
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e56a-daa8"
age
1367936
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:34 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda0c9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdVp_cbAAAAAAU4XCYrnVoAYX4qvk0a8gdztkPS&ver=3.0
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a79f8a73bffb3ca79934798f4c91f95ea1c07e8ff4b998b9df73bf2196937f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 07:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 04 Oct 2024 07:32:26 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
wp-polyfill.min.js
www.sightsciences.com/wp-includes/js/dist/vendor/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65ba444c-96be"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Wed, 31 Jan 2024 12:59:56 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda0f9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.sightsciences.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		934 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.8
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66d4e570-3a6"
age
18246
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Sun, 01 Sep 2024 22:06:40 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda129189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/jquery.min.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
646be94d8c530951d009c8553231592b098e8708da86fbf13019cde550148742
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-155a8"
age
78220
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda139189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
app-global.js
www.sightsciences.com/wp-content/themes/sightsciences/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/app-global.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb906f69525562a497f4b92e975c0d7b3c1006f2d46ca2d73310fe3e5a966c2c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-2c73"
age
18246
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda179189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery.sumoselect.min.js
www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/jquery.sumoselect.min.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c815c0e8c8d4a540d31b3a66edc2a695a6ed1533ea0072d621f3fb73e24a76d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-5845"
age
1367935
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda1b9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jquery.inputmask.min.js
www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/jquery.inputmask.min.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a38adf03954cf6ce84dd65d36a6169c0ef76fdbe707156a59709bdeffcabc6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-1958a"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda1f9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
app-form.js
www.sightsciences.com/wp-content/themes/sightsciences/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/app-form.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b4fa13cd9b59f71c10987fb56ed3ddc2ab3d6c445de22d5039666da73fc7f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-16ac"
age
18246
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda209189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
swiper-bundle.min.js
www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/vendors/swiper-bundle.min.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b03ad4c034ae937a290ead2d41fe12314f0443fe4da511d337d14975bc09bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-14645"
age
78219
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda219189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
app-swiper.js
www.sightsciences.com/wp-content/themes/sightsciences/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/app-swiper.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7392bacbec2f47bf5ef5533139033b0c7303e263bd2f10c5507fe3f22e9c157e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-a53"
age
1367935
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda229189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
custom.js
www.sightsciences.com/wp-content/themes/sightsciences/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/custom.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fdd19e2653570cae02643792710ac13d03f93c950ed147d58619741acc895e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-be1"
age
1379998
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda249189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
js
maps.googleapis.com/maps/api/ 		230 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAjeVjXFmA0tV2eT4SO2bmOVG0RkcMO_M4&ver=5.4
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
400e8f96baa8a140bfa227fb5ff24541fd9edd8295780615ff33680bb200deb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=1800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79944
date
Fri, 04 Oct 2024 07:32:26 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
app-location.js
www.sightsciences.com/wp-content/themes/sightsciences/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/js/app-location.js?ver=1.212
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18236265ee62767272f3f115629a3bb73cf4dd28fbf0527c0c0ec93ade0a1c9d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e484c0-d6e"
age
1367935
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Fri, 13 Sep 2024 18:30:24 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5fda259189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
197547a0-9673-4841-8302-4c127ad70c10.json
cdn.cookielaw.org/consent/197547a0-9673-4841-8302-4c127ad70c10/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/197547a0-9673-4841-8302-4c127ad70c10/197547a0-9673-4841-8302-4c127ad70c10.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de814ee54a6d72eeb83f6e284b47c013c175fb3dbac74c6e030178a39ad24b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
dnJt4Rvt9sz0O3CXhFCY0A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC54E79D2D777D
age
19963
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 05 Oct 2024 07:32:26 GMT
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/json
last-modified
Thu, 04 Apr 2024 20:41:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
759f32f4-301e-0004-15e9-f46608000000
cf-ray
8cd37a5fc8c3dccd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1650
x-ms-blob-type
BlockBlob
server
cloudflare
f104818e-334d-476d-bb41-ac49860d930b
https://www.sightsciences.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		362 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKR2LG8
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd96213a75509fd2f32e5db4f67f4808e5cb82001702f2246e342f603eb81df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 04 Oct 2024 07:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114626
x-xss-protection
0
server
Google Tag Manager
xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;700&family=Manrope:wght@200..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sightsciences.com
Referer
https://fonts.googleapis.com/

Response headers

age
256383
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:19:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:19:23 GMT
last-modified
Wed, 13 Sep 2023 23:22:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24376
x-xss-protection
0
server
sffe
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;700&family=Manrope:wght@200..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sightsciences.com
Referer
https://fonts.googleapis.com/

Response headers

age
255678
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:31:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:31:08 GMT
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21144
x-xss-protection
0
server
sffe
flag-usa.svg
www.sightsciences.com/wp-content/themes/sightsciences/img/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/img/flag-usa.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6794a4bc1a6662f15a0be95b9af424c28b429f80c68327a88427dcc72f5b6e21
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-29c0"
age
39690
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5ffa399189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
flag-international.svg
www.sightsciences.com/wp-content/themes/sightsciences/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sightsciences.com/wp-content/themes/sightsciences/img/flag-international.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64e5dd1d299c4e8801695fa0237d47100e6c0e7b2b5c5b9bdc9d1f6234f0b13
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fce-7b9"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:38 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a5ffa3b9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8cd37a604c4e1c09-FRA
access-control-allow-origin
*
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
recaptcha__de.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 		541 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdVp_cbAAAAAAU4XCYrnVoAYX4qvk0a8gdztkPS&ver=3.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sightsciences.com
Referer

Response headers

content-encoding
gzip
age
528
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 07:23:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:23:38 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
219745
x-xss-protection
0
server
sffe
endpoint.php
www.sightsciences.com/wp-content/plugins/burst-statistics/ 		0
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/plugins/burst-statistics/endpoint.php
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a604a869189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-powered-by
WP Engine
server
cloudflare
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
1EE1PYD7uD6VTAMrTql67g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D34632AA7A
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
20203
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 20:10:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c028eac3-501e-009c-0ebe-d7e837000000
cf-ray
8cd37a607f31db03-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
105094
x-ms-blob-type
BlockBlob
server
cloudflare
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAjeVjXFmA0tV2eT4SO2bmOVG0RkcMO_M4&ver=5.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.sightsciences.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Fri, 04 Oct 2024 07:32:26 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/ 		0
0
wp-emoji-release.min.js
www.sightsciences.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-includes/js/wp-emoji-release.min.js?ver=a94dfa4e7f93605a5fc9e74cbf6b3779
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65cb7e57-4926"
age
140371
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 13 Feb 2024 14:36:07 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a60cb029189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/ 		289 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-80JRSVJTRB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKR2LG8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4a5488e87ccd19ed0fb84c5343ac920096f279c436a55c85273df173e19dafd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 04 Oct 2024 07:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100744
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKR2LG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
371
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 09:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
anchor
www.google.com/recaptcha/api2/ Frame 8C53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVp_cbAAAAAAU4XCYrnVoAYX4qvk0a8gdztkPS&co=aHR0cHM6Ly93d3cuc2lnaHRzY2llbmNlcy5jb206NDQz&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y8sc1llgofb9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tm9mTkkPi9Kxf0PxlZK6Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tm9mTkkPi9Kxf0PxlZK6Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Oct 2024 07:32:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
en.json
cdn.cookielaw.org/consent/197547a0-9673-4841-8302-4c127ad70c10/6a859fb9-244c-4ec0-be1c-25e07537b6bb/ 		42 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/197547a0-9673-4841-8302-4c127ad70c10/6a859fb9-244c-4ec0-be1c-25e07537b6bb/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd54243db95b49c74606da56dd71de627caf65f69b1d437b668dbd9e3e82195c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
hLRK5d4NonnqYqqADsA76g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC54E7A032CA38
age
4562
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 05 Oct 2024 07:32:26 GMT
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/json
last-modified
Thu, 04 Apr 2024 20:41:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
6ca496c1-a01e-0067-4aea-0b202d000000
cf-ray
8cd37a619dc3dccd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12798
x-ms-blob-type
BlockBlob
server
cloudflare
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
3516
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 07:33:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 06:33:50 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-80JRSVJTRB&gtm=45je4a20v892652835z879414907za200zb79414907&_p=1728027146206&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1017553146.1728027147&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728027146&sct=1&seg=0&dl=https%3A%2F%2Fwww.sightsciences.com%2F&dt=Sight%20Sciences&en=page_view&_fv=1&_ss=1&tfd=1507
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80JRSVJTRB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sightsciences.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/plain
server
Golfe2
td
www.googletagmanager.com/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-80JRSVJTRB&v=3&t=t&pid=1189314846&dl=www.sightsciences.com%2F&tdp=G-80JRSVJTRB;92652835;1;6;0&frm=0&rtg=9414907&rlo=53&slo=30&hlo=18&lst=1&pcid=9414907&z=0
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/plain
server
Golfe2
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
GIzNmS9Em9y5nN4NL57NeA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D340F5F432
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:09:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f62b8093-401e-0083-043f-d83327000000
cf-ray
8cd37a622f3edccd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3017
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
I/HbyocCTj1EXVakQLy+jg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D3424C62E6
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
19963
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:09:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
901b10e6-701e-002a-30c0-d7e6cf000000
cf-ray
8cd37a622f43dccd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12700
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 20:10:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
24d1962a-b01e-009d-1c7b-d8e9ca000000
cf-ray
8cd37a622f4adccd-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=927383932&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sightsciences.com%2F&ul=de-de&de=UTF-8&dt=Sight%20Sciences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACAAI~&jid=102624383&gjid=2094465054&cid=1017553146.1728027147&tid=UA-122091605-1&_gid=901980534.1728027147&_slc=1&gtm=45He4a20n81PKR2LG8v79414907za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101747727&npa=1&z=1610643568
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f37317d95887776520d5a1f43b06cd92e2f09582a6188dfc95d5373d2cb14ecd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.sightsciences.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-122091605-1&cid=1017553146.1728027147&jid=102624383&gjid=2094465054&_gid=901980534.1728027147&npa=1&_u=aGBAgEAjAAAAAGAAI~&z=854487440
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.sightsciences.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
js
www.googletagmanager.com/gtag/ 		279 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CRKPF5GN3K&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7058ca66a2367180fb2fc2018d64cda59bafe4f1e6142597622f6a647b0c3fc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 04 Oct 2024 07:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98938
x-xss-protection
0
server
Google Tag Manager
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
6892
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
last-modified
Thu, 03 Oct 2024 13:13:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
23555f28-e01e-0102-5da9-15d725000000
cf-ray
8cd37a629c88db03-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
82422
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Oct 2024 16:22:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ebe1a251-301e-0062-3832-14d452000000
cf-ray
8cd37a62b8dddccd-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
SISC_RTS_Logo_Primary_RGB_P1.jpg
cdn.cookielaw.org/logos/c74dfbf7-7a34-4e8e-bec0-01dff39c5d99/197547a0-9673-4841-8302-4c127ad70c10/8661e1f0-67ec-4cdc-89c3-d7532b721c65/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/c74dfbf7-7a34-4e8e-bec0-01dff39c5d99/197547a0-9673-4841-8302-4c127ad70c10/8661e1f0-67ec-4cdc-89c3-d7532b721c65/SISC_RTS_Logo_Primary_RGB_P1.jpg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6024b8b8b6e3f5415c511cf977ad27977df33a5cfae72a6e15d3c29aaf6e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
UlVlmi5qaZVNKwOZkodvlA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
h2pri
etag
0x8DC542FEE06D197
x-ms-version
2009-09-19
cf-cache-status
HIT
age
82422
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/jpeg
last-modified
Wed, 03 Apr 2024 22:46:41 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
x-ms-request-id
16bb47e3-901e-0084-5e18-864b82000000
cf-ray
8cd37a62cce2db03-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
156879
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
19496
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/svg+xml
last-modified
Thu, 03 Oct 2024 19:22:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
b155f26a-401e-0083-64cf-153327000000
cf-ray
8cd37a62cce4db03-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CRKPF5GN3K&gtm=45je4a20v9126363909za200&_p=1728027146206&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&ul=de-de&sr=1600x1200&cid=1017553146.1728027147&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sightsciences.com%2F&dt=Sight%20Sciences&sid=1728027146&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1692
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRKPF5GN3K&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sightsciences.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CRKPF5GN3K&cid=1017553146.1728027147&gtm=45je4a20v9126363909za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRKPF5GN3K&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sightsciences.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CRKPF5GN3K&cid=1017553146.1728027147&gtm=45je4a20v9126363909za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1010150583
Requested by
Host: www.sightsciences.com
URL: https://www.sightsciences.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4005:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 04 Oct 2024 07:32:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
www.sightsciences.com/wp-content/uploads/2024/03/ 		15 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.sightsciences.com/wp-content/uploads/2024/03/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb9f50ac40e0e1d22589c409ba11fa55043a95001b6e35dbfe9b80e93eb8dc3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sightsciences.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66276fc9-3aee"
x-content-type-options
nosniff
date
Fri, 04 Oct 2024 07:32:26 GMT
content-type
image/x-icon
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
cross-origin-embedder-polic
unsafe-none
last-modified
Tue, 23 Apr 2024 08:22:33 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
referrer-policy
same-origin
cf-ray
8cd37a63ae9f9189-FRA
permissions-policy
geolocation=self
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.sightsciences.com
URL
blob:https://www.sightsciences.com/f104818e-334d-476d-bb41-ac49860d930b
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| OptanonWrapper object| _wpemojiSettings object| burst object| AdminParams function| wfu_run_js_from_bank function| wfu_Initialize_Consts function| wfu_Load_Code_Connectors function| wfu_Code_Object function| wfu_plugin_load_action function| wfu_install_unload_hook function| wfu_unload_hook function| wfu_Check_Browser_Capabilities function| wfu_check_animation function| wfu_join_strings function| wfu_plugin_decode_string function| wfu_plugin_encode_string function| wfu_decode_array_from_string function| wfu_randomString function| wfu_addEventHandler function| wfu_attach_element_handlers function| wfu_GetHttpRequestObject function| wfu_get_filelist function| wfu_add_files function| wfu_attach_cancel_event function| wfu_dettach_cancel_event function| wfu_selectbutton_changed function| wfu_selectbutton_clicked function| wfu_update_uploadbutton_status function| wfu_update_filename_text function| wfu_init_userdata_handlers function| wfu_Redirect function| wfu_loadStart function| wfu_update_upload_metrics function| wfu_uploadProgress function| wfu_notify_WPFilebase function| wfu_send_email_notification function| wfu_uploadComplete function| wfu_ProcessUploadComplete function| wfu_uploadFailed function| wfu_uploadCanceled function| wfu_notify_server_upload_ended function| wfu_Initialize_Params function| wfu_redirect_to_classic function| wfu_redirect_to_classic_cont function| wfu_filesselected function| wfu_get_stored_formdata function| wfu_set_stored_formdata function| wfu_check_required_userdata function| wfu_HTML5UploadFile function| wfu_HTML5UploadFile_cont function| wfu_initialize_fileupload_xhr function| wfu_get_userdata_count function| wfu_lock_upload function| wfu_unlock_upload function| wfu_clear_files function| wfu_check_reset function| wfu_clear function| wfu_invoke_shortcode_editor function| wfu_browser_load_action function| wfu_apply_bulkaction_select function| wfu_browser_initialize_bulkactions function| wfu_apply_browser_bulkselect function| wfu_apply_browser_bulkaction function| wfu_add_cookies string| WFU_PROACTIVE object| GlobalData object| Code_Initializators object| wfu_BrowserCaps function| wfu_js_decode_obj function| wfu_filelist_toggle function| wfu_filelist_removeall function| wfu_filelist_removefile function| wfu_filelist_clear function| wfu_update_filelist function| wfu_captcha_init function| wfu_process_message function| wfu_set_captcha_state function| wfu_send_captcha_reset_command function| wfu_send_captcha_reset_command_internal function| wfu_send_captcha_reset_command_external function| wfu_captcha_ok function| wfu_captcha_changed function| wfu_captcha_expired function| wfu_process_captcha_error function| wfu_create_react_dom function| wfu_render_react_component function| wfu_chunk_reset function| wfu_Attach_DragDrop_Events function| wfu_selectfiles_fromdrag function| wfu_browser_mouseover function| wfu_browser_mouseout function| wfu_get_browser_fileprops function| wfu_browser_apply_fileprops function| wfu_goto_browsernav_page function| wfu_browsernav_update function| wfu_browser_addrow function| wfu_sort_fileprops function| wfu_browser_sort function| wfu_browser_delete_file function| wfu_browser_select_all_visible_changed function| wfu_browser_store_selector function| wfu_browser_update_selector_status function| wfu_browser_selector_changed function| wfu_browser_reload function| wfu_browser_update_html function| wfu_download_file_frontend function| wfu_download_file_monitor_frontend function| wfu_delete_file_frontend function| wfu_delete_file_process_result function| wfu_browser_register_search_filter function| wfu_browser_apply_client_search_filters function| wfu_browser_apply_server_search_filters function| wfu_browser_client_search_filters_changed function| wfu_browser_server_search_filters_changed function| wfu_browser_search_filters_changed function| wfu_initialize_webcam function| wfu_reinitialize_webcam function| wfu_webcam_init_callback function| wfu_webcam_counter_status function| wfu_webcam_update_counter function| wfu_webcam_video_devices function| wfu_webcam_switch_devices function| wfu_webcam_switch function| wfu_webcam_reset_stream function| wfu_webcam_onoff function| wfu_webcam_golive function| wfu_webcam_start_rec function| wfu_webcam_stop_rec function| wfu_webcam_onstop function| wfu_webcam_play function| wfu_webcam_ended function| wfu_webcam_pause function| wfu_webcam_back function| wfu_webcam_fwd function| wfu_webcam_update_preview function| wfu_webcam_take_picture function| wfu_webcam_screenshot_error function| wfu_webcam_update_pos function| wfu_webcam_init_svginjector function| wfu_webcam_initialize_toBlob function| wfu_mediarecorder_mimetype function| $ function| jQuery object| dataLayer object| OtTrustedType object| wp function| sprintf function| vsprintf object| swv object| wpcf7 object| PojoA11yOptions object| wpcf7cf_global_settings function| Wpcf7cfRepeater function| Wpcf7cfMultistep object| wpcf7cf object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| TimeMe function| burst_enable_cookies function| burst_update_hit function| burst_track_hit function| burst_init_events object| wpcf7_recaptcha function| _typeof function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| Inputmask function| default string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| Swiper object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| recaptcha object| closure_lm_343920 object| twemoji object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGteOyo9HVF9ono10QPhDWCE4djJKIwBFzMms7vQzbCKmgRgYbsR74TMymLLX0i35g2fFU2EucVBGH0u6yXOIQ0
www.sightsciences.com/ Name: wp_wpfileupload_0
Value: M5ZAm8gpzXwPgerXTL3EbMawqYgDKWcR
www.sightsciences.com/ Name: burst_uid
Value: fe1d6dd2d3321cf42f170c2cb56c331c
.sightsciences.com/ Name: _gcl_au
Value: 1.1.1712598065.1728027146
.sightsciences.com/ Name: _gid
Value: GA1.2.901980534.1728027147
.sightsciences.com/ Name: _ga
Value: GA1.1.1017553146.1728027147
.sightsciences.com/ Name: _ga_80JRSVJTRB
Value: GS1.1.1728027146.1.0.1728027146.0.0.0
.sightsciences.com/ Name: _dc_gtm_UA-122091605-1
Value: 1
.sightsciences.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Oct+04+2024+09%3A32%3A26+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ba778a5a-c1f2-4ce4-ac96-b36a7a263b68&interactionCount=0&landingPath=https%3A%2F%2Fwww.sightsciences.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.sightsciences.com/ Name: _ga_CRKPF5GN3K
Value: GS1.2.1728027146.1.0.1728027146.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' data: http: https: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: googleapis.com gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; style-src 'self' 'unsafe-inline' blob: http: https: fonts.googleapis.com; font-src 'self' data: http: https: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' 'unsafe-inline' https: cdn.flipsnack.com *.google.com *.sightsciencessales.my.salesforce.com *.sightsciences.my.salesforce.com; connect-src 'self' *.cloudfront.net cdn.cookielaw.org *.onetrust.com *.clarity.ms analytics.tiktok.com ct.pinterest.com *.googleapis.com *.google-analytics.com *.google.com *.gstatic.com *.hotjar.com *.doubleclick.net data: blob:; worker-src 'self' blob:; frame-ancestors 'self' https://sightsciencessales.my.salesforce.com https://sightsciences.my.salesforce.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
maps.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sightsciences.com
www.googletagmanager.com
www.sightsciences.com
141.193.213.10
2001:4860:4802:32::36
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:4005:800::2003
2a00:1450:400c:c1f::9c
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5
0f20ff5aeee34b0433c2757816fed996cef080cbcbb3f5137ec7f724aeef356f
10a38adf03954cf6ce84dd65d36a6169c0ef76fdbe707156a59709bdeffcabc6
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
11ef366db594a4ad108ea0788bc258a5c293857db4bd8902df88adc8c7d41473
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
18236265ee62767272f3f115629a3bb73cf4dd28fbf0527c0c0ec93ade0a1c9d
1a6024b8b8b6e3f5415c511cf977ad27977df33a5cfae72a6e15d3c29aaf6e96
1bd0ee4c68084b61e38600aa77ffa0f23a3be7fe8c2aaa0a793db394ca2dd9bf
1c758bb957c08751687dd5b1267d9e407cc7d955f495be53f9515a23f3981514
2b04f9673bcfc37d2289d0510852ab52922bc7a249fdd413d6d7f6dfe3cb21e0
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
3101026642c51ebeaf140425e23e9d543eca49d400f73acbd1b5be52178b1654
400e8f96baa8a140bfa227fb5ff24541fd9edd8295780615ff33680bb200deb7
41694e20441abd581bdcbd729731d8850c50dc9a27f864d81d25988eb244ed82
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
485e7749145caabf11b46387575c451c70b63274407432ae2492f3c7fca03c8c
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
504302cf002550392dfbe006fdae442970ebc7f8d44ba0b57730e73a2c131eb3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c815c0e8c8d4a540d31b3a66edc2a695a6ed1533ea0072d621f3fb73e24a76d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60591ca421a0aed3fc0312e09a44de76bc9f090cd2af631fe4ea3c768fd5082e
646be94d8c530951d009c8553231592b098e8708da86fbf13019cde550148742
6794a4bc1a6662f15a0be95b9af424c28b429f80c68327a88427dcc72f5b6e21
683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7058ca66a2367180fb2fc2018d64cda59bafe4f1e6142597622f6a647b0c3fc0
7392bacbec2f47bf5ef5533139033b0c7303e263bd2f10c5507fe3f22e9c157e
747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
8299ff4f0a4f809995dbace583b14258b897eda6eb49b44d6cc58c9a755d68bc
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
88fdd19e2653570cae02643792710ac13d03f93c950ed147d58619741acc895e
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9957da6d164b0b4b42b6d62f6c26a33e2a56eab39b75624ed64da31e9c9ccd37
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9eb9f50ac40e0e1d22589c409ba11fa55043a95001b6e35dbfe9b80e93eb8dc3
a79f8a73bffb3ca79934798f4c91f95ea1c07e8ff4b998b9df73bf2196937f31
afd60048d61dd72e9846575e534dfcf5e5d5643a7fd0e61f0e659065038bfe99
c64e5dd1d299c4e8801695fa0237d47100e6c0e7b2b5c5b9bdc9d1f6234f0b13
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb906f69525562a497f4b92e975c0d7b3c1006f2d46ca2d73310fe3e5a966c2c
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd96213a75509fd2f32e5db4f67f4808e5cb82001702f2246e342f603eb81df3
cdf6e101693261003024f15e62d081789a1ae71b9ba7ebfa9bf7a451275a9769
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d75356eb7ef74d126747ebabc62ba775081d042fe743ae3b235554726cb82408
d9b268266af74b5c0834e2a519303ca97c5427c5fb7abb3b89ad29e07664be14
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de814ee54a6d72eeb83f6e284b47c013c175fb3dbac74c6e030178a39ad24b8d
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
df9997ade749a1bd7854d38223a7299c2745cf73b5ecbb959e2e25d15246d40e
e1c8c013d47bcd45ea167961744f84ae87299896ba3e28cd0cf3d16fc17282a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b03ad4c034ae937a290ead2d41fe12314f0443fe4da511d337d14975bc09bc
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ed43f579949da24beaa12f1fc47df194cc7b257bc1e7f4b0028950ee1971f0f0
ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f2d32fd1daff93541b10e0eb1b54b8d4d9f0c4d2d09a87536d9640b4ca403691
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f36adc07db49e73c3fd3aeb4234d270725f07719706dd28dfc09657f2cffe9d6
f37317d95887776520d5a1f43b06cd92e2f09582a6188dfc95d5373d2cb14ecd
f4a5488e87ccd19ed0fb84c5343ac920096f279c436a55c85273df173e19dafd
f4f38119efea773d48ee9e7d1efa01479cbf2f15ce205a759e72d921b30f5d2c
f7b4fa13cd9b59f71c10987fb56ed3ddc2ab3d6c445de22d5039666da73fc7f4
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fd54243db95b49c74606da56dd71de627caf65f69b1d437b668dbd9e3e82195c
ffc1175e23005eed96f40fb47d33247db2d38118a6780d1b49b012a9fdf86469