www.xiidra.com Open in urlscan Pro
2606:4700:4400::6812:245a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xiidra.com/
Effective URL:
https://www.xiidra.com/
Submission Tags: tranco_l324
Submission: On May 31 via api (May 31st 2024, 7:14:34 am UTC) from DE — Scanned from SE

Summary HTTP 70 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 70 HTTP transactions. The main IP is 2606:4700:4400::6812:245a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xiidra.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 4th 2024. Valid for: a year.

This is the only time www.xiidra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.114.94.2 217.114.94.2	30811 (EPISERVER_AS) (EPISERVER_AS)
42	2606:4700:440... 2606:4700:4400::6812:245a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	87.230.98.76 87.230.98.76	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.241.19.70 35.241.19.70	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.50.88.245 20.50.88.245	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	17

1 217.114.94.2 (Sweden) 1 redirects

ASN30811 (EPISERVER_AS, SE)

xiidra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:4400::6812:245a (United States)

ASN13335 (CLOUDFLARENET, US)

www.xiidra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5050018.psmanaged.com

d.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.19.70 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 70.19.241.35.bc.googleusercontent.com

sync.graph.bluecava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	xiidra.com 1 redirects xiidra.com www.xiidra.com	961 KB
8	consentmanager.net cdn.consentmanager.net — Cisco Umbrella Rank: 14306 d.delivery.consentmanager.net — Cisco Umbrella Rank: 35248	129 KB
3	googlesyndication.com 1 redirects ade.googlesyndication.com — Cisco Umbrella Rank: 317 pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	903 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	269 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 751	200 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	971 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	245 B
1	gstatic.com www.gstatic.com	208 KB
1	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 412	63 B
1	bluecava.com sync.graph.bluecava.com — Cisco Umbrella Rank: 2247	247 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 691	149 B
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 644	56 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
70	15

	Domain	Requested by
42	www.xiidra.com	www.xiidra.com
5	cdn.consentmanager.net	www.xiidra.com cdn.consentmanager.net d.delivery.consentmanager.net
3	www.googletagmanager.com	www.xiidra.com www.googletagmanager.com
3	d.delivery.consentmanager.net	cdn.consentmanager.net www.xiidra.com
2	dc.services.visualstudio.com	js.monitor.azure.com
2	www.facebook.com	www.xiidra.com
2	ade.googlesyndication.com	1 redirects www.xiidra.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google.com	www.xiidra.com www.gstatic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	pubads.g.doubleclick.net	www.xiidra.com
1	sync.graph.bluecava.com	www.xiidra.com
1	insight.adsrvr.org	www.xiidra.com
1	js.monitor.azure.com	www.xiidra.com
1	fonts.googleapis.com	www.xiidra.com
1	xiidra.com	1 redirects
70	18

This site contains links to these domains. Also see Links.

Domain
pi.bausch.com
www.xiidra-ecp.com
www.bausch.com
xiidra.copaysavingsprogram.com
www.fda.gov
cloud.marketing.bausch.com
submit-irm.trustarc.com

Subject Issuer	Validity	Valid
www.xiidra.com Entrust Certification Authority - L1K	`2024-03-04` - `2025-03-04`	a year	crt.sh
1376624012.rsc.cdn77.org R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
d.delivery.consentmanager.net R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-05-22` - `2025-05-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sync.graph.bluecava.com GTS CA 1D4	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-10` - `2025-04-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.xiidra.com/
Frame ID: 42F294D4496BABBF48E4FCD281F68FC0
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsP2IpAAAAABBYxU3yaPWXW30r3K2rLW4ZC3jn&co=aHR0cHM6Ly93d3cueGlpZHJhLmNvbTo0NDM.&hl=en&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=xcyp53r60vi8
Frame ID: F25C5367F907EA6C356447B67BAB8828
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dry Eye Treatment | XIIDRA® (lifitegrast ophthalmic solution)

Page URL History Show full URLs

http://xiidra.com/ HTTP 307
https://xiidra.com/ HTTP 301
https://www.xiidra.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

70
Requests

99 %
HTTPS

50 %
IPv6

15
Domains

18
Subdomains

17
IPs

4
Countries

1701 kB
Transfer

4274 kB
Size

11
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://pi.bausch.com/globalassets/pdf/packageinserts/pharma/xiidra-prescribing-information.pdf#Patient-Information
Title: Patient Information

Search URL Search Domain Scan URL

URL: https://pi.bausch.com/globalassets/pdf/packageinserts/pharma/xiidra-prescribing-information.pdf
Title: Full Prescribing Information

Search URL Search Domain Scan URL

URL: https://www.xiidra-ecp.com/
Title: Healthcare Professionals Site

Search URL Search Domain Scan URL

URL: https://www.bausch.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.bausch.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bausch.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://xiidra.copaysavingsprogram.com/
Title: My Savings Program

Search URL Search Domain Scan URL

URL: https://www.fda.gov/medwatch
Title: CONTINUE

Search URL Search Domain Scan URL

URL: https://www.bausch.com/about-bausch-lomb/contact-us/
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://cloud.marketing.bausch.com/Privacy-Page-Unsubscribe
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://cloud.marketing.bausch.com/do-not-sell-or-share
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://cloud.marketing.bausch.com/do-not-target
Title: Do Not Target

Search URL Search Domain Scan URL

URL: https://cloud.marketing.bausch.com/Limit-Sensitive-Personal-Information-Usage
Title: Limit the Use of My Sensitive Personal Information

Search URL Search Domain Scan URL

URL: https://submit-irm.trustarc.com/services/validation/57c4f658-fcc9-4285-a079-28407529c706

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xiidra.com/ HTTP 307
https://xiidra.com/ HTTP 301
https://www.xiidra.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://ade.googlesyndication.com/ddm/activity/src=14001325;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45t0z89171508011za201zb9171508011;gcs=G100;gcd=13p3p3p2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.xiidra.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=14001325;dc_pre=CO7XpuCrt4YDFRNnHgIdHw0DVg;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45t0z89171508011za201zb9171508011;gcs=G100;gcd=13p3p3p2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.xiidra.com%2F

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xiidra.com/
Redirect Chain

http://xiidra.com/
https://xiidra.com/
https://www.xiidra.com/

79 KB
31 KB

413ms
248ms

Document
text/html

2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26da96707fcd353634239ae88be6ca5b772dca6d241c95f2ef660e3ad471d786

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
cf-ray: 88c52ac9adcf5685-OSL
content-encoding: gzip
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
content-type: text/html; charset=utf-8
date: Fri, 31 May 2024 07:14:27 GMT
expires: -1
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
server: cloudflare
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

cf-ray: 88c52ac76e779933-ARN
content-length: 0
date: Fri, 31 May 2024 07:14:27 GMT
location: https://www.xiidra.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 088bfd2711b8c.js Show response
cdn.consentmanager.net/delivery/autoblocking/ 72 KB
15 KB 261ms
119ms Script
text/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/autoblocking/088bfd2711b8c.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

9bd8dae6154c84a2f0f1045a5089b55d3fde24c011c9d5da252a27b0ea656986

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 31 May 2024 07:14:27 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
edge-control: public, max-age=1800
x-accel-date: 1717137872
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-77-nzt: EggBw7WvDgFBDAElE8IxAfcDBwAA
x-accel-expires: @1717139672
x-77-age: 1795
last-modified: Fri, 31 May 2024 06:44:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: 908339307d4ec0f4d3785966ac23dd33
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Fri, 31 May 2024 07:14:32 GMT

GET
H2 200 jquery.js Show response
www.xiidra.com/Static/js/ 256 KB
82 KB 354ms
352ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Static/js/jquery.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf9f74212adf7c141cd4564b2031afb140c7043ed3b9b06f348c04a551fba98

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2ad61a5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52acb4f525685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 jquery-ui.js Show response
www.xiidra.com/Static/js/ 440 KB
114 KB 396ms
394ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Static/js/jquery-ui.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b929db75808062c34909c7ede4f3e17a8bda4c6b489ff5d40e742b44608eee01

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2af801f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52acb4f535685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 bundle.js Show response
www.xiidra.com/Static/js/ 114 KB
48 KB 345ms
344ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Static/js/bundle.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db2bc2bcee40a6d0905a9dbe1f546727718042f880fb6955e3af7ce148a191b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2a8a7c2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52acb4f545685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 227ms
80ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad1fce96f87d256155db5c433075af35926be7d90c6bd109e8c66f6e6e8dc473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 31 May 2024 07:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 31 May 2024 07:14:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 May 2024 07:14:27 GMT

GET
H2 200 bootstrap.min.css
www.xiidra.com/Assets/Xiidra-DTC/css/ 152 KB
31 KB 461ms
460ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Assets/Xiidra-DTC/css/bootstrap.min.css

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7d64b0e5fcc2db8a7bc7a8779a1b11a84b494b2baf9b625f8b95f59be481a9

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2ab01cb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52acb4f4f5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 global.css
www.xiidra.com/Assets/Xiidra-DTC/css/ 153 KB
26 KB 396ms
395ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Assets/Xiidra-DTC/css/global.css

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0acc5fb4b751b7f70707dca824c5f8598f356cea264441203141a6510c61ab

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2ab02bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52acb4f505685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 EPiServerForms.css
www.xiidra.com/Util/EPiServer.Forms/ 5 KB
1 KB 337ms
336ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.css
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b0b69c017304e576079a50cd59c41662061a42f9ccfcfd346015715842ee9d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 10:02:32 GMT
server: cloudflare
etag: W/"1da29bda8e53981"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 88c52acb4f515685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 icons_instragram.png
www.xiidra.com/siteassets/img/ 2 KB
11 KB 391ms
390ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icons_instragram.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb14286ed6cc5fdbce525be8af99fe9cb657eecf7551116a5193f60a9316c17c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 1566
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4c9e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43199
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52acb4f555685-OSL
expires: Fri, 31 May 2024 19:14:27 GMT

GET
H2 200 icons_youtube.png
www.xiidra.com/siteassets/img/ 1 KB
10 KB 392ms
392ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icons_youtube.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eedb2b60ffbe637fe71fd225370ef5bd27ced189b6177227d67475dda332a5e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 1058
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4ea2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43199
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52acb4f575685-OSL
expires: Fri, 31 May 2024 19:14:27 GMT

GET
H2 200 icons_facebook.png
www.xiidra.com/siteassets/img/ 1 KB
10 KB 239ms
237ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icons_facebook.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e1868c17da591e391f9cc4d348be10f780cfb090fb9cef9ce53511d04cbaab8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 1150
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4efe"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52acdba2e5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 icons_twitter.png
www.xiidra.com/siteassets/img/ 1 KB
10 KB 259ms
257ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icons_twitter.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6058d3739dc23728c161c41bb63fe9469abad72f832087bdf8c4cdb82dea2f8f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 1304
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4f98"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52acdba2f5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 logo-blue.png
www.xiidra.com/siteassets/img/ 7 KB
16 KB 311ms
305ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/logo-blue.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95b0f1efa504cea38a735edd50eeadbfb127597c791b07cacc28ecd8117e1b9

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 7132
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:05 GMT
server: cloudflare
etag: "1da83171cb58d5c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4aa95685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 logo-white.png
www.xiidra.com/siteassets/img/ 19 KB
28 KB 244ms
239ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/logo-white.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7376c41dc1c7154659274b78ee22b099e84f1726684e6f3433ec5cd49231ed7a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 18976
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:06 GMT
server: cloudflare
etag: "1da83171d4e6720"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4ab05685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 hamburger-menu.png
www.xiidra.com/siteassets/img/ 234 B
9 KB 247ms
241ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/hamburger-menu.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1769ebc7b5039d94f22eaf95a7677f88150d243e25d66dd300d3358bb9f51c1f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 234
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:56:59 GMT
server: cloudflare
etag: "1da831719220f6a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4ab35685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 hamburger-close.png
www.xiidra.com/siteassets/img/ 682 B
10 KB 387ms
382ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/hamburger-close.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4804540a73d9057701a0f476272d3ed8f2476621ab6bac902192fe1cab84485

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 682
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:56:59 GMT
server: cloudflare
etag: "1da831719220d2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4ab45685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 icon-location.png
www.xiidra.com/siteassets/img/ 437 B
10 KB 312ms
307ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icon-location.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8516133c53a9d58f4546558aa2cb4d02a8023ab011abeb39dae48edd3124066a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 437
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4b35"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4ab65685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-681x514-banner-home.png
www.xiidra.com/siteassets/img/ 86 KB
95 KB 261ms
256ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-681x514-banner-home.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc368b551a9ab36a1a9b809873da36dabe2b1c0ec05f26377cbefe3a543c9f5

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 87750
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:05 GMT
server: cloudflare
etag: "1da83171cb4c046"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace4ab75685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 hero-image-mob.png
www.xiidra.com/siteassets/img/ 40 KB
49 KB 353ms
349ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/hero-image-mob.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceec82ddb06cdb6332f285fc560afd3053eaa0786f73b85145134f786975b888

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 40816
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:56:59 GMT
server: cloudflare
etag: "1da8317192290f0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af25685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 drops.png
www.xiidra.com/siteassets/img/ 3 KB
12 KB 354ms
350ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/drops.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea09dac363d1c255d45dc66d1e9597ce9be7f363db5e1f65809790f6c00003a2

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 3250
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:56:59 GMT
server: cloudflare
etag: "1da831719220332"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af35685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 lens-eye.png
www.xiidra.com/siteassets/img/ 3 KB
13 KB 355ms
351ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/lens-eye.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3534c389af0c0482fc643f77e608d492a0c047b936438bc4d72c8d78041e0b54

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 3364
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:05 GMT
server: cloudflare
etag: "1da83171cb59ba4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af45685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-64x64-system.png
www.xiidra.com/siteassets/img/ 532 B
10 KB 315ms
311ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-64x64-system.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864f571c0a78313f402d96f5323cd7a0242805969588008958d379386e74ae2a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 532
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:05 GMT
server: cloudflare
etag: "1da83171cb59494"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af65685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-450x250-xidra-card.png
www.xiidra.com/siteassets/img/ 18 KB
27 KB 326ms
322ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-450x250-xidra-card.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e06c07ee60507c8e85a2540c9ce5e9851bdcb240faf6957f77729cc5cdee9306

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 18700
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:04 GMT
server: cloudflare
etag: "1da83171c1d490c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af75685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-34x43-icon-location.png
www.xiidra.com/siteassets/img/ 330 B
9 KB 313ms
309ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-34x43-icon-location.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d865d6b75eb0d0e47b61b1549db77878b8e9f1acb3494ddedd848c5c8869091

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 330
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4bca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8af85685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 icons_close.svg
www.xiidra.com/siteassets/img/ 799 B
9 KB 355ms
351ms Image
image/svg+xml 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/icons_close.svg

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c210bd46e016b8b1c7d08001becbbcc00c111f00bb02943cd6db1cf109211da7

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: W/"1da8317217a499f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace8af95685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 xiidra_logo.png
www.xiidra.com/siteassets/img/ 10 KB
19 KB 324ms
320ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/xiidra_logo.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab4e6dcf7db91747069ae00f49123ceae8a003a287939de9cce8acf1b1e5003

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 10266
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a629a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8afa5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-34x87-speaker-modal.png
www.xiidra.com/siteassets/img/ 11 KB
20 KB 364ms
360ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-34x87-speaker-modal.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2522dd8a82e43993dff5c66c155ae4f36f4b48277e045959ccdd5fba7c3718d6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 11068
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a61bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8afb5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-50x56-xiidra-logo.png
www.xiidra.com/siteassets/img/ 12 KB
21 KB 316ms
312ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-50x56-xiidra-logo.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1764c66dbd4c205ce8ef650af025317e2323196ae72b33609eca3e0b736fccc0

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 11813
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a64a5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8afc5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-5x5-xmark-icon.png
www.xiidra.com/siteassets/img/ 298 B
9 KB 350ms
347ms Image
image/png 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-5x5-xmark-icon.png

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e0a3123beb44b7eff655247e3f2274e6ccfa1a12a0893779d892c85fc000ad

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-length: 298
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: "1da8317217a4baa"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 88c52ace8afd5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 bausch-lomb-logo.svg
www.xiidra.com/siteassets/img/ 4 KB
11 KB 569ms
566ms Image
image/svg+xml 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/bausch-lomb-logo.svg

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc31ab42e5bc37a58a6ccd90bf2d319dbc7cd0e3ed889cb2fc697481e0ce53f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: W/"1da8317217a4462"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace8afe5685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 img-trust-arc-grey.svg
www.xiidra.com/siteassets/img/ 7 KB
12 KB 321ms
318ms Image
image/svg+xml 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xiidra.com/siteassets/img/img-trust-arc-grey.svg

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02282d8ba2d2ef937e5815d01d02592e7309e7dece1e05896edf283819705744

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:57:13 GMT
server: cloudflare
etag: W/"1da8317217a57c6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace8b015685-OSL
expires: Fri, 31 May 2024 19:14:28 GMT

GET
H2 200 find.js Show response
www.xiidra.com/Util/Find/epi-util/ 6 KB
11 KB 317ms
314ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Util/Find/epi-util/find.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 10:15:12 GMT
server: cloudflare
etag: W/"1da122c757f6fec"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace8b025685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.xiidra.com/Util/EPiServer.Forms/ 87 KB
30 KB 227ms
221ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms/jquery-3.5.1.min.js
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 10:02:32 GMT
server: cloudflare
etag: W/"1da29bda8e47184"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 88c52ace4aaa5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 EPiServerForms.min.js Show response
www.xiidra.com/Util/EPiServer.Forms/ 37 KB
11 KB 309ms
303ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353290011f5a824643590f58ad9091893beab49ee10c6c31558d2ea62a2478dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 10:02:32 GMT
server: cloudflare
etag: W/"1da29bda8e5b9e5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 88c52ace4aac5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 bootstrap.min.js Show response
www.xiidra.com/Assets/Xiidra-DTC/js/ 59 KB
25 KB 307ms
302ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Assets/Xiidra-DTC/js/bootstrap.min.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f075a09924af5eba5440f773a219b1e16184548d73902cdc42a978b4f91ebdb

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2a98bbf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace4aad5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 main.js Show response
www.xiidra.com/Assets/Xiidra-DTC/js/ 23 KB
14 KB 218ms
212ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/Assets/Xiidra-DTC/js/main.js

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1779939c88f5e72a2296935a3a2dda1393155a2590cf32d653d753e24b43b45b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 May 2024 19:22:50 GMT
server: cloudflare
etag: W/"1dab2c6c2a93c36"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52ace4aae5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H/1.1 200
OK cmp.php Show response
d.delivery.consentmanager.net/delivery/ 5 KB
3 KB 282ms
77ms Script
text/javascript 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://d.delivery.consentmanager.net/delivery/cmp.php?id=90107&h=https%3A%2F%2Fwww.xiidra.com%2F&__cmpfcc=1&l=en&ls=EN_EN&lp=EN&o=1717139667968

Requested by

Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/autoblocking/088bfd2711b8c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

b7334292d0533d20b1bf16b131cbe860037d8f417a0cf06e7a4230694d44622e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2024 07:14:28 GMT
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_final.min.js Show response
cdn.consentmanager.net/delivery/js/ 421 KB
92 KB 81ms
79ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_final.min.js
Requested by: Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/autoblocking/088bfd2711b8c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e6ab015da3928bcb301defc587a162361e205ac1b5da32bc904f476c78c71ffd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=86400
x-age: 64531
x-accel-date: 1717075137
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvDgH3E/wAAAgBJRPCNAFh
x-accel-expires: @1717161537
x-77-age: 64531
last-modified: Mon, 27 May 2024 08:37:07 GMT
server: CDN77-Turbo
etag: W/"692e1-6196b6c27b2c0"
x-77-nzt-ray: 908339307d4ec0f4d47859666cffaa0c
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Wed, 29 May 2024 13:18:53 GMT

GET
H2 200 ai.2.gbl.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
56 KB 211ms
80ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 12e7192855d64b8867e792c9e0359a8e0b5ae2e2c9286007c9e4b881d86e7e07

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Origin: https://www.xiidra.com
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:31:22 GMT
x-ms-meta-aijssdkver: 2.8.18
vary: Accept-Encoding
x-azure-ref: 20240531T071428Z-179cf7887d9jnqvh35wyc7tne4000000055g00000000spsy
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c1a9516f-901e-000f-0e7d-aa6c81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.gbl.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
95 KB 259ms
108ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T83FDJSW

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dff16f178ce6b1acee6dbd6ef3d53e114fff8eaec5b095c092d1607ccdfb59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96802
x-xss-protection: 0
last-modified: Fri, 31 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 May 2024 07:14:28 GMT

GET
H2 200 bV8xLndfOTAxMDcucl9HRFBSLmxfZW4uZF8zMjA4MC54XzcwLnYucC50XzMyMDgwLnh0Xzcw.js Show response
cdn.consentmanager.net/delivery/customdata/ 70 KB
16 KB 72ms
72ms Script
text/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfOTAxMDcucl9HRFBSLmxfZW4uZF8zMjA4MC54XzcwLnYucC50XzMyMDgwLnh0Xzcw.js

Requested by

Host: d.delivery.consentmanager.net
URL: https://d.delivery.consentmanager.net/delivery/cmp.php?id=90107&h=https%3A%2F%2Fwww.xiidra.com%2F&__cmpfcc=1&l=en&ls=EN_EN&lp=EN&o=1717139667968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

879ecc362e266ded1a34ed1821530d45af7a33b7a7e3b96ba4ca3f5a9060c545

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
edge-control: public, max-age=1800
x-accel-date: 1717137963
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-77-nzt: EggBw7WvDgFBDAGKxyXEAfepBgAA
x-accel-expires: @1717139763
x-77-age: 1705
last-modified: Fri, 31 May 2024 06:46:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 908339307d4ec0f4d47859667b29f81d
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Fri, 31 May 2024 07:16:03 GMT

GET
H2 200 jquery-ui.min.js Show response
www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/ 249 KB
66 KB 263ms
257ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/jquery-ui.min.js
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df0184fd71"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 88c52ad06c9c5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 EPiServerFormsSamples.js Show response
www.xiidra.com/Util/EPiServer.Forms.Samples/js/ 27 KB
5 KB 236ms
230ms Script
application/javascript 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/js/EPiServerFormsSamples.js
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f715616298b3af450a7f626d40626e5f169a8568431202829e2ed563dbaab44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df0187720e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 88c52ad06c9d5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 222ms
81ms Script
text/javascript 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcsP2IpAAAAABBYxU3yaPWXW30r3K2rLW4ZC3jn

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

GSE /

Resource Hash

64603949440840ffabf86775b2fbda26bb4446941f2cbdf1443db05b069ba384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 31 May 2024 07:14:28 GMT

GET
H2 200 EPiServerFormsSamples.css
www.xiidra.com/Util/EPiServer.Forms.Samples/css/ 566 B
330 B 226ms
221ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/css/EPiServerFormsSamples.css
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d18c1a86eeffa3b249ca268ad0992301aba882be95af2c168544f5a2899b3464

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df01871b36"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 88c52ad06c925685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 jquery-ui.min.css
www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/ 31 KB
8 KB 210ms
204ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/jquery-ui.min.css
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f761003b1e3a1b1e2da77428e6f22a5584f24541c0b3d99e66e80f606c49cca5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df01876488"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 88c52ad06c955685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 jquery-ui.structure.min.css
www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/ 15 KB
5 KB 205ms
199ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/jquery-ui.structure.min.css
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09f7fa1497a4b396fbea8c2020e49e87afe45f72728ac6881361c91e61a377a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df018725cc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 88c52ad06c985685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 jquery-ui.theme.min.css
www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/ 14 KB
2 KB 206ms
200ms Stylesheet
text/css 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xiidra.com/Util/EPiServer.Forms.Samples/jquery-ui/jquery-ui.theme.min.css
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/Util/EPiServer.Forms/EPiServerForms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ab215cb684d8102e285f666bfca14c29e46f2d1752e21beb7c5f55a0a273ac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 09:43:22 GMT
server: cloudflare
etag: W/"1da16df01872f47"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 88c52ad06c9a5685-OSL
expires: Fri, 31 May 2024 11:14:28 GMT

GET
H2 200 90107
cdn.consentmanager.net/delivery/recall/logos/ 4 KB
2 KB 66ms
65ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/recall/logos/90107
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4fac8ac68ec0b3328e35eb3962ee1ce7ed17a3b35051b139e519748a8b844536

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
edge-control: public, max-age=86400, max-age=2592000
x-accel-date: 1717094000
alt-svc: h3=":443"; ma=86400
x-77-nzt: EggBw7WvDgFBDAGckiEfAfdksgAA
x-accel-expires: @1717180400
x-77-age: 45668
server: CDN77-Turbo
x-77-nzt-ray: 908339307d4ec0f4d4785966f14fc224
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
expires: Fri, 31 May 2024 18:33:20 GMT

GET
H/1.1 200
OK /
d.delivery.consentmanager.net/delivery/info/ 43 B
404 B 69ms
68ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.delivery.consentmanager.net/delivery/info/?id=90107&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.xiidra.com%2F&o=1717139668583&l=EN&lv=53709&d=1&ct=14&e=&e2=&e3=&i=&sv=29&dv=70&

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:28 GMT
last-modified: Fri, 31 May 2024 07:14:28 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
d.delivery.consentmanager.net/delivery/info/ 43 B
404 B 139ms
69ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.delivery.consentmanager.net/delivery/info/?id=90107&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.xiidra.com%2F&o=1717139668583&l=EN&lv=53709&d=1&ct=14&e=&e2=&e3=&i=&sv=29&dv=70&

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:28 GMT
last-modified: Fri, 31 May 2024 07:14:28 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
815 B 62ms
61ms Image
image/gif 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 31 May 2024 07:14:28 GMT
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=2592000
x-age: 9048158
x-accel-date: 1708091510
alt-svc: h3=":443"; ma=86400
content-length: 384
x-77-nzt: EgwBw7WvDgH3XhCKAAwB1GY4EQH3ywIAAA
x-accel-expires: @1739626795
x-77-age: 9048158
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: 908339307d4ec0f4d4785966e4680225
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:39:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 101ms
101ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-82QWEMB6ZN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T83FDJSW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f05b7d4b99e009bf912273feaafacdbf0afc1e1a7199e6fcaa395cf781d597a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 May 2024 07:14:28 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 128ms
128ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14001325&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T83FDJSW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10c26428ea50a221ac01a9b44fff02c8339bd9f5af78c41436ffe29161222985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74911
x-xss-protection: 0
last-modified: Fri, 31 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 May 2024 07:14:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 230ms
84ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T83FDJSW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 May 2024 07:14:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: QFYGWNbJp4unzX4LKJ13EUcQh3zYu2RnWXzwnLsq7C4CkW+mSQOpm+bZkVgvs7n4uCkSHRPQ2AAvFNDFy+PfLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 256ms
103ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ofh7js7o&ct=0:m0ockj0&fmt=3
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ds.png
sync.graph.bluecava.com/ 95 B
247 B 407ms
258ms Image
image/png 35.241.19.70
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.graph.bluecava.com/ds.png?p=9274e5db-ddcb-11ea-a80b-0242ac110002&segment=nffefsfsviqlxeilqmpsspyevakswfmq&uid=&CampaignID=7501C&Channel=Website&CreativeID=&Placement=&MAID=&Source=dir_org&Medium=dir_org&Keyword=dir_org&PageName=home&Event=Pageload&Key1=&Key2=&Key3=&Key4=&Key5=
Requested by: Host: www.xiidra.com
URL: https://www.xiidra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.19.70 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 70.19.241.35.bc.googleusercontent.com
Software: /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:28 GMT
cache-control: public, max-age=2592000
via: 1.1 google
etag: "ds.png:1.0.2:9d9ad7b7"
content-length: 95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H3 200 activity;xsp=5263332;ord=[session%20id]
pubads.g.doubleclick.net/ 42 B
63 B 221ms
136ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=5263332;ord=[session%20id]?

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 524 KB
208 KB 308ms
138ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcsP2IpAAAAABBYxU3yaPWXW30r3K2rLW4ZC3jn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ec88fca0b915a741f9efcf5ef13d40133cb7e6501aa18d56490532c83adc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Origin: https://www.xiidra.com
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 05:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212201
x-xss-protection: 0
last-modified: Mon, 27 May 2024 02:00:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 May 2025 05:54:59 GMT

GET
H2 200 911439253686600 Show response
connect.facebook.net/signals/config/ 57 KB
13 KB 272ms
271ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/911439253686600?v=2.9.156&r=stable&domain=www.xiidra.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f86ae59eb1969557e248e51546846d3f6f21683f29e91882778f3eb8703bcd4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 31 May 2024 07:14:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=86, rtx=0, c=40, mss=1294, tbw=63347, tp=-1, tpl=-1, uplat=206, ullat=0
pragma: public
x-fb-debug: dtlTObV2VdiSAWiMSlDkP2fTqJjl5ZmlUpD+92B5ZUSXQczN7Z8iIRMJU3jfBYtuQxlTa/cMW+GzYrQwbKravw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F25C 0
0 228ms
93ms Document
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsP2IpAAAAABBYxU3yaPWXW30r3K2rLW4ZC3jn&co=aHR0cHM6Ly93d3cueGlpZHJhLmNvbTo0NDM.&hl=en&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=xcyp53r60vi8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d_9mQI5t6anZ5R3N2ejolg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://www.xiidra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-d_9mQI5t6anZ5R3N2ejolg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 07:14:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

src=14001325;dc_pre=CO7XpuCrt4YDFRNnHgIdHw0DVg;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot....
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=14001325;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.64...
https://ade.googlesyndication.com/ddm/activity/src=14001325;dc_pre=CO7XpuCrt4YDFRNnHgIdHw0DVg;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B12...

42 B
118 B

104ms
103ms

Image
image/gif

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=14001325;dc_pre=CO7XpuCrt4YDFRNnHgIdHw0DVg;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45t0z89171508011za201zb9171508011;gcs=G100;gcd=13p3p3p2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.xiidra.com%2F?

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://www.xiidra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=14001325;dc_pre=CO7XpuCrt4YDFRNnHgIdHw0DVg;type=xiidr0;cat=xiidr0;ord=7776770024216;npa=1;gdid=dMzk4MW;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45t0z89171508011za201zb9171508011;gcs=G100;gcd=13p3p3p2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.xiidra.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 242ms
103ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=2054816465.1717139669&url=https%3A%2F%2Fwww.xiidra.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He45t0n91T83FDJSWv9171508011za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T83FDJSW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 159ms
53ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-82QWEMB6ZN&gtm=45je45t0v9170595451z89171508011za200zb9171508011&_p=1717139668178&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&gdid=dMzk4MW&cid=793637706.1717139669&ul=se-se&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1717139668&sct=1&seg=0&dl=https%3A%2F%2Fwww.xiidra.com%2F&dt=Dry%20Eye%20Treatment%20%7C%20XIIDRA%C2%AE%20(lifitegrast%20ophthalmic%20solution)&en=page_view&_fv=2&_nsi=1&_ss=2&tfd=2450
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-82QWEMB6ZN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 07:14:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xiidra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 226ms
64ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=911439253686600&ev=PageView&dl=https%3A%2F%2Fwww.xiidra.com%2F&rl=&if=false&ts=1717139669436&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1717139669436.551013867&ler=empty&cdl=API_unavailable&it=1717139669128&coo=false&tm=1&rqm=GET

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1294, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 31 May 2024 07:14:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 391ms
229ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=911439253686600&ev=PageView&dl=https%3A%2F%2Fwww.xiidra.com%2F&rl=&if=false&ts=1717139669436&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1717139669436.551013867&ler=empty&cdl=API_unavailable&it=1717139669128&coo=false&tm=1&rqm=FGET

Requested by

Host: www.xiidra.com
URL: https://www.xiidra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8009193872768b08","source_keys":["1","2"]},{"key_piece":"0xb985f33170b35487","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 31 May 2024 07:14:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=3109, tp=-1, tpl=-1, uplat=162, ullat=0
pragma: no-cache
x-fb-debug: iWZ9kQcKhaGzce/Yixuw7XWTHL9wnVnQeR0V2/Fyg74sL/r38TCrvs6QFN97hpdGfa7kW0lhiuKwjdwsilDoAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 favicon.ico
www.xiidra.com/siteassets/img/ 15 KB
18 KB 224ms
223ms Other
image/x-icon 2606:4700:4400::6812:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xiidra.com/siteassets/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:245a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3e2bd973df6a7db87e0c43c73ae2171d4ab9ac39f9505eda78a29993cb5131

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.xiidra.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 07:14:30 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: data: http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.aptrinsic.com https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.consumerism.pressganey.com https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.investis.com https://*.litix.io https://*.mapbox.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.services.visualstudio.com https://*.serving-sys.com https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bluecava.com https://*.bootstrapcdn.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consensu.org https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fingertipformulary.com/ https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.investis.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.mathtag.com/ https://*.mgr.consensu.org https://*.mookie1.com https://*.paradox.ai/ https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co/ https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.salesforceliveagent.com https://*.services.visualstudio.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.tools.investis.com https://*.turn.com https://*.typekit.net https://*.wistia.com https://*.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://*.adnxs.com https://*.bausch.com https://*.bootstrapcdn.com https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com; frame-ancestors 'self' https://*.consentmanager.net https://*.delivery.consentmanager.net; frame-src 'self' http://*.fls.doubleclick.net https://*.adsrvr.org https://*.basis.net https://*.bausch.com https://*.consensu.org https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.fingertipformulary.com/ https://*.fonts.net https://*.google.com https://*.google.ie https://*.gotolstoy.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.marinsm.com https://*.mgr.consensu.org https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.sightmatters.com https://*.sitescout.com https://*.snapchat.com https://*.wistia.net https://*.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://*.adentifi.com https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.akamaihd.net https://*.app-us1.com/ https://*.basis.net https://*.bausch.com https://*.bing.com https://*.bl-inte.com https://*.bluecava.com https://*.businesswire.com/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.deepintent.com/ https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.co.in https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.graph.bluecava.com https://*.gstatic.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.mathtag.com/ https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.placeholder.com https://*.pricespider.com/ https://*.prnewswire.com/ https://*.rubiconproject.com https://*.salesforce-sites.com https://*.sharethis.com/ https://*.sitescout.com https://*.snapchat.com https://*.tiktok.com/ https://*.turn.com https://*.wistia.com https://*.wistia.net https://*.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.gotolstoy.com/ https://*.gstatic.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.com https://*.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://*.activehosted.com/ https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.app-us1.com/ https://*.aptrinsic.com https://*.bausch.com https://*.bing.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.clarity.ms https://*.cloudflare.com/ https://*.cloudfront.net https://*.collect.igodigital.com https://*.consentmanager.net https://*.contextweb.com https://*.delivery.consentmanager.net https://*.doctor.com https://*.doctor.com/ https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.la3-c2-ia2.salesforceliveagent.com https://*.lassomarketing.io/ https://*.lhmos.com https://*.licdn.com https://*.linkedin.com https://*.litix.io https://*.marinsm.com https://*.marketo.net https://*.monitor.azure.com https://*.mookie1.com https://*.pinimg.com https://*.pinterest.com https://*.pmsrv.co https://*.pmsrv.co/ https://*.pricespider.com https://*.pricespider.com/ https://*.prod.uidapi.com https://*.salesforceliveagent.com https://*.serving-sys.com https://*.sharethis.com/ https://*.snapchat.com https://*.tiktok.com/ https://*.wistia.com https://*.wistia.net https://*.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.adsrvr.org https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.aptrinsic.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.bunny.net/ https://*.cloudflare.com/ https://*.cloudfront.net https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.doctor.com/ https://*.facebook.com https://*.facebook.net https://*.fontawesome.com/ https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gotolstoy.com/ https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pinterest.com https://*.pricespider.com/ https://*.tiktok.com/ https://*.typekit.net https://*.wistia.com https://*.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://*.adnxs.com https://*.ads.linkedin.com https://*.bausch.com https://*.bootstrapcdn.com/ https://*.cloudflare.com/ https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.com https://*.facebook.net https://*.fonts.net https://*.googleapis.com https://*.googlesyndication.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com/ https://*.jsdelivr.net/ https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.pricespider.com https://*.pricespider.com/ https://*.wistia.com https://*.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://*.ads.linkedin.com https://*.bausch.com https://*.consentmanager.net https://*.delivery.consentmanager.net https://*.facebook.net https://*.gstatic.com https://*.wistia.com ; navigate-to https://*.consentmanager.net https://*.delivery.consentmanager.net; base-uri https://*.collect.igodigital.com https://*.consentmanager.net https://*.g.doubleclick.net https://*.gotolstoy.com; worker-src blob: https://*.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://*.bausch.com https://*.litix.io https://*.marinsm.com https://*.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1
reporting-endpoints: stott-security-endpoint="https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
request-context: appId=cid-v1:dcebd24e-8d7e-4583-9aa2-b908e28c8efe
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 Mar 2024 02:56:59 GMT
server: cloudflare
etag: W/"1da8317192233ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(*), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 88c52adcf9015685-OSL
expires: Fri, 31 May 2024 19:14:30 GMT

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 221ms
221ms XHR
application/json 20.50.88.245
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

bdb3adbf0fa02fc10c050c80072cd05309d55459c8012b772309712e0b821942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.xiidra.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 31 May 2024 07:14:31 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 326ms
119ms Preflight 20.50.88.245
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.xiidra.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 31 May 2024 07:14:30 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xiidra.com/	1969-12-31 23:59:59	Name: EPiStateMarker Value: true
www.xiidra.com/	1970-01-20 23:08:35	Name: .EPiForm_BID Value: 8b30e60c-e488-4613-8bc8-e2a14a6c4369
www.xiidra.com/	1970-01-20 23:08:35	Name: .EPiForm_VisitorIdentifier Value: 8b30e60c-e488-4613-8bc8-e2a14a6c4369%7C
www.xiidra.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9TtSrW0hzOs Value: CfDJ8DQ6wjGuRnVOg-fn2NihgmkZc3fpH4oyPbafnD5qzYWyF9csu2qpsstrQbtWzS1W6VGkpQRbbvLgECJvUQEGXrtLWgfzhtmG2eGQmSSTi_R9cYITyEzb1VGzCdtnJtisMkkvF06SS4Kaf_4jebsYA2I
www.xiidra.com/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8DQ6wjGuRnVOg%2Bfn2Nihgmlfg%2F4goZMUVrNPvlOxseY4TFIP50OZItaTA77b9IMT%2B0nunuA%2F49y0dDe6nL68t6EYckgIO0Xwbl2cCkdeR8%2F6RnmNyznTsZuXy14FTfqUhqbNmuh%2BFVlBv%2BlTkB9%2BJJZn%2BH2x9YiDRdQUmWG1dLh1
.www.xiidra.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: f0b844c667cc1a592cd4c4643fce899cba701d37ddedb5b69bbfa9142a9ea90b
.www.xiidra.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f0b844c667cc1a592cd4c4643fce899cba701d37ddedb5b69bbfa9142a9ea90b
www.xiidra.com/	1970-01-21 05:44:35	Name: ai_user Value: ZqsHtS9H7uOjh6DzOHAEld\|2024-05-31T07:14:28.456Z
.xiidra.com/	1970-01-20 21:19:09	Name: __cmpcccx90107 Value: aBP_frhNAAgAzAGAAuAIcBwQEGQLAgo0ACXx-vkE
.xiidra.com/	1970-01-20 23:08:35	Name: _fbp Value: fb.1.1717139669436.551013867
www.xiidra.com/	1970-01-20 20:59:01	Name: ai_session Value: 2nBQjv1c1WwzfTUKWPA5Ru\|1717139670624\|1717139670624

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' blob: data: http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.aptrinsic.com https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.consumerism.pressganey.com https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.investis.com https://.litix.io https://.mapbox.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.services.visualstudio.com https://.serving-sys.com https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://google.com https://sc-static.net https://unpkg.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bluecava.com https://.bootstrapcdn.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consensu.org https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fingertipformulary.com/ https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.co.in https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.investis.com https://.jquery.com/ https://.jsdelivr.net/ https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.mathtag.com/ https://.mgr.consensu.org https://.mookie1.com https://.paradox.ai/ https://.pinimg.com https://.pinterest.com https://.pmsrv.co/ https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.salesforceliveagent.com https://.services.visualstudio.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.tools.investis.com https://.turn.com https://.typekit.net https://.wistia.com https://.wistia.net https://analytics.google.com https://api.tiles.mapbox.com/ https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://connect.facebook.net https://google.com https://js.adsrvr.org https://miebo-ecp-bl-ppd.com/ https://ocuvite.bl-inte.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ wss://localhost:44399 wss://wtbstream.pricespider.com/; font-src 'self' data: http://localhost:16788 https://.adnxs.com https://.bausch.com https://.bootstrapcdn.com https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gotolstoy.com/ https://.gstatic.com https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com https://www.bauschsurgical.com/; form-action 'self' https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com; frame-ancestors 'self' https://.consentmanager.net https://.delivery.consentmanager.net; frame-src 'self' http://.fls.doubleclick.net https://.adsrvr.org https://.basis.net https://.bausch.com https://.consensu.org https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.fingertipformulary.com/ https://.fonts.net https://.google.com https://.google.ie https://.gotolstoy.com https://.gotolstoy.com/ https://.gstatic.com https://.marinsm.com https://.mgr.consensu.org https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.sightmatters.com https://.sitescout.com https://.snapchat.com https://.wistia.net https://.youtube.com https://analytics.google.com https://cdn.pricespider.com https://irxcm.com; img-src 'self' blob: data: http://localhost:16788 https://.adentifi.com https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.akamaihd.net https://.app-us1.com/ https://.basis.net https://.bausch.com https://.bing.com https://.bl-inte.com https://.bluecava.com https://.businesswire.com/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.deepintent.com/ https://.delivery.consentmanager.net https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.co.in https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.graph.bluecava.com https://.gstatic.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.mathtag.com/ https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.placeholder.com https://.pricespider.com/ https://.prnewswire.com/ https://.rubiconproject.com https://.salesforce-sites.com https://.sharethis.com/ https://.sitescout.com https://.snapchat.com https://.tiktok.com/ https://.turn.com https://.wistia.com https://.wistia.net https://.ytimg.com https://bauschsurgical.bl-ppd.com/ https://bauschvisioncare.secure.force.com https://c212.net/ https://cdn.fonts.net https://cdn.pricespider.com https://eyetube.net https://google.com https://miebo-ecp-bl-ppd.com/ https://sc-static.net https://thrtle.com https://unpkg.com/ https://www.bauschsurgical.com/ https://www.google.lu; media-src 'self' blob: https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.gotolstoy.com/ https://.gstatic.com https://.litix.io https://.marinsm.com https://.mookie1.com https://.wistia.com https://.wistia.net; script-src-elem 'self' 'unsafe-inline' http://fast.wistia.com/ http://localhost:16788 https://.activehosted.com/ https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.app-us1.com/ https://.aptrinsic.com https://.bausch.com https://.bing.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.clarity.ms https://.cloudflare.com/ https://.cloudfront.net https://.collect.igodigital.com https://.consentmanager.net https://.contextweb.com https://.delivery.consentmanager.net https://.doctor.com https://.doctor.com/ https://.doubleclick.net https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.g.doubleclick.net https://.google-analytics.com https://.google.com https://.googleadservices.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.la3-c2-ia2.salesforceliveagent.com https://.lassomarketing.io/ https://.lhmos.com https://.licdn.com https://.linkedin.com https://.litix.io https://.marinsm.com https://.marketo.net https://.monitor.azure.com https://.mookie1.com https://.pinimg.com https://.pinterest.com https://.pmsrv.co https://.pmsrv.co/ https://.pricespider.com https://.pricespider.com/ https://.prod.uidapi.com https://.salesforceliveagent.com https://.serving-sys.com https://.sharethis.com/ https://.snapchat.com https://.tiktok.com/ https://.wistia.com https://.wistia.net https://.youtube.com https://api.tiles.mapbox.com/ https://cdn.pricespider.com https://connect.facebook.net https://irxcm.com https://js.adsrvr.org https://sc-static.net https://unpkg.com/ https://www.bauschsurgical.com/ ; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.adsrvr.org https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.google.com https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.pricespider.com ; style-src-attr 'self' 'unsafe-inline' https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.gstatic.com https://.wistia.com ; style-src-elem 'self' 'unsafe-inline' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.aptrinsic.com https://.bausch.com https://.bootstrapcdn.com/ https://.bunny.net/ https://.cloudflare.com/ https://.cloudfront.net https://.consentmanager.net https://.delivery.consentmanager.net https://.doctor.com/ https://.facebook.com https://.facebook.net https://.fontawesome.com/ https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gotolstoy.com/ https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pinterest.com https://.pricespider.com/ https://.tiktok.com/ https://.typekit.net https://.wistia.com https://.wistia.net https://api.tiles.mapbox.com/ https://cdn.fonts.net https://cdn.pricespider.com https://fonts.bunny.net https://unpkg.com/ https://www.bauschsurgical.com/ ; style-src 'self' http://localhost:16788 https://.adnxs.com https://.ads.linkedin.com https://.bausch.com https://.bootstrapcdn.com/ https://.cloudflare.com/ https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.com https://.facebook.net https://.fonts.net https://.googleapis.com https://.googlesyndication.com https://.googletagmanager.com https://.gstatic.com https://.jquery.com/ https://.jsdelivr.net/ https://.litix.io https://.marinsm.com https://.mookie1.com https://.pricespider.com https://.pricespider.com/ https://.wistia.com https://.wistia.net https://cdn.fonts.net https://cdn.pricespider.com ; script-src-attr 'unsafe-inline' http://localhost:16788 https://.ads.linkedin.com https://.bausch.com https://.consentmanager.net https://.delivery.consentmanager.net https://.facebook.net https://.gstatic.com https://.wistia.com ; navigate-to https://.consentmanager.net https://.delivery.consentmanager.net; base-uri https://.collect.igodigital.com https://.consentmanager.net https://.g.doubleclick.net https://.gotolstoy.com; worker-src blob: https://.consentmanager.net https://api.tiles.mapbox.com/ https://ocuvite.bl-inte.com/; object-src https://.bausch.com https://.litix.io https://.marinsm.com https://.mookie1.com https://*.wistia.net; upgrade-insecure-requests;report-to stott-security-endpoint;report-uri https://www.ifulookup.com/stott.security.optimizely/api/cspreporting/reporturiviolation/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cdn.consentmanager.net
connect.facebook.net
d.delivery.consentmanager.net
dc.services.visualstudio.com
fonts.googleapis.com
insight.adsrvr.org
js.monitor.azure.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
region1.google-analytics.com
sync.graph.bluecava.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.xiidra.com
xiidra.com
142.250.184.226
142.250.186.130
15.197.193.217
172.217.18.2
172.217.23.100
20.50.88.245
2001:4860:4802:34::36
217.114.94.2
2606:4700:4400::6812:245a
2620:1ec:bdf::45
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2008
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.241.19.70
87.230.98.76
02282d8ba2d2ef937e5815d01d02592e7309e7dece1e05896edf283819705744
0dff16f178ce6b1acee6dbd6ef3d53e114fff8eaec5b095c092d1607ccdfb59f
0f715616298b3af450a7f626d40626e5f169a8568431202829e2ed563dbaab44
10c26428ea50a221ac01a9b44fff02c8339bd9f5af78c41436ffe29161222985
12e7192855d64b8867e792c9e0359a8e0b5ae2e2c9286007c9e4b881d86e7e07
1764c66dbd4c205ce8ef650af025317e2323196ae72b33609eca3e0b736fccc0
1769ebc7b5039d94f22eaf95a7677f88150d243e25d66dd300d3358bb9f51c1f
1779939c88f5e72a2296935a3a2dda1393155a2590cf32d653d753e24b43b45b
1f075a09924af5eba5440f773a219b1e16184548d73902cdc42a978b4f91ebdb
2522dd8a82e43993dff5c66c155ae4f36f4b48277e045959ccdd5fba7c3718d6
26da96707fcd353634239ae88be6ca5b772dca6d241c95f2ef660e3ad471d786
2b0b69c017304e576079a50cd59c41662061a42f9ccfcfd346015715842ee9d7
2c3e2bd973df6a7db87e0c43c73ae2171d4ab9ac39f9505eda78a29993cb5131
2cc31ab42e5bc37a58a6ccd90bf2d319dbc7cd0e3ed889cb2fc697481e0ce53f
2db2bc2bcee40a6d0905a9dbe1f546727718042f880fb6955e3af7ce148a191b
353290011f5a824643590f58ad9091893beab49ee10c6c31558d2ea62a2478dc
3534c389af0c0482fc643f77e608d492a0c047b936438bc4d72c8d78041e0b54
3e1868c17da591e391f9cc4d348be10f780cfb090fb9cef9ce53511d04cbaab8
44ec88fca0b915a741f9efcf5ef13d40133cb7e6501aa18d56490532c83adc95
4ab4e6dcf7db91747069ae00f49123ceae8a003a287939de9cce8acf1b1e5003
4c0acc5fb4b751b7f70707dca824c5f8598f356cea264441203141a6510c61ab
4fac8ac68ec0b3328e35eb3962ee1ce7ed17a3b35051b139e519748a8b844536
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6058d3739dc23728c161c41bb63fe9469abad72f832087bdf8c4cdb82dea2f8f
64603949440840ffabf86775b2fbda26bb4446941f2cbdf1443db05b069ba384
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
7376c41dc1c7154659274b78ee22b099e84f1726684e6f3433ec5cd49231ed7a
7d865d6b75eb0d0e47b61b1549db77878b8e9f1acb3494ddedd848c5c8869091
7eedb2b60ffbe637fe71fd225370ef5bd27ced189b6177227d67475dda332a5e
8516133c53a9d58f4546558aa2cb4d02a8023ab011abeb39dae48edd3124066a
864f571c0a78313f402d96f5323cd7a0242805969588008958d379386e74ae2a
879ecc362e266ded1a34ed1821530d45af7a33b7a7e3b96ba4ca3f5a9060c545
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9bd8dae6154c84a2f0f1045a5089b55d3fde24c011c9d5da252a27b0ea656986
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
9dc368b551a9ab36a1a9b809873da36dabe2b1c0ec05f26377cbefe3a543c9f5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad1fce96f87d256155db5c433075af35926be7d90c6bd109e8c66f6e6e8dc473
b09f7fa1497a4b396fbea8c2020e49e87afe45f72728ac6881361c91e61a377a
b4804540a73d9057701a0f476272d3ed8f2476621ab6bac902192fe1cab84485
b7334292d0533d20b1bf16b131cbe860037d8f417a0cf06e7a4230694d44622e
b929db75808062c34909c7ede4f3e17a8bda4c6b489ff5d40e742b44608eee01
bdb3adbf0fa02fc10c050c80072cd05309d55459c8012b772309712e0b821942
c210bd46e016b8b1c7d08001becbbcc00c111f00bb02943cd6db1cf109211da7
cd7d64b0e5fcc2db8a7bc7a8779a1b11a84b494b2baf9b625f8b95f59be481a9
ceec82ddb06cdb6332f285fc560afd3053eaa0786f73b85145134f786975b888
d18c1a86eeffa3b249ca268ad0992301aba882be95af2c168544f5a2899b3464
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d5ab215cb684d8102e285f666bfca14c29e46f2d1752e21beb7c5f55a0a273ac
d8e0a3123beb44b7eff655247e3f2274e6ccfa1a12a0893779d892c85fc000ad
ddf9f74212adf7c141cd4564b2031afb140c7043ed3b9b06f348c04a551fba98
e06c07ee60507c8e85a2540c9ce5e9851bdcb240faf6957f77729cc5cdee9306
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab015da3928bcb301defc587a162361e205ac1b5da32bc904f476c78c71ffd
e95b0f1efa504cea38a735edd50eeadbfb127597c791b07cacc28ecd8117e1b9
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea09dac363d1c255d45dc66d1e9597ce9be7f363db5e1f65809790f6c00003a2
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05b7d4b99e009bf912273feaafacdbf0afc1e1a7199e6fcaa395cf781d597a8
f761003b1e3a1b1e2da77428e6f22a5584f24541c0b3d99e66e80f606c49cca5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86ae59eb1969557e248e51546846d3f6f21683f29e91882778f3eb8703bcd4d
fb14286ed6cc5fdbce525be8af99fe9cb657eecf7551116a5193f60a9316c17c

www.xiidra.com Open in urlscan Pro 2606:4700:4400::6812:245a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

50 %IPv6

15 Domains

18 Subdomains

17 IPs

4 Countries

1701 kBTransfer

4274 kBSize

11 Cookies

14 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xiidra.com Open in urlscan Pro
2606:4700:4400::6812:245a Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

50 %
IPv6

15
Domains

18
Subdomains

17
IPs

4
Countries

1701 kB
Transfer

4274 kB
Size

11
Cookies

70 HTTP transactions
0 data transactions