urlscan.io logo urlscan.io
SecurityTrails logo

www.providenceeye.com Open in urlscan Pro
2606:4700:10::6816:305a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wickedbadvision.org/
Effective URL: https://www.providenceeye.com/lp/wicked-bad-vision
Submission Tags: phishingrod
Submission: On September 27 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 55 HTTP transactions. The main IP is 2606:4700:10::6816:305a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.providenceeye.com.
TLS certificate: Issued by WE1 on September 21st 2024. Valid for: 3 months.
This is the only time www.providenceeye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.207.228.80 63949 (AKAMAI-LI...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
1 162.159.128.61 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
2 2600:9000:272... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2600:9000:264... 16509 (AMAZON-02)
3 2620:1ec:33::10 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 162.159.138.60 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.168.224.78 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 18.66.147.58 16509 (AMAZON-02)
1 34.138.31.113 396982 (GOOGLE-CL...)
1 35.234.162.151 396982 (GOOGLE-CL...)
55 27
1    74.207.228.80 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 74-207-228-80.ip.linodeusercontent.com
wickedbadvision.org
8    2606:4700:10::6816:305a (United States)

ASN13335 (CLOUDFLARENET, US)
www.providenceeye.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    2600:9000:223c:4800:11:d973:adc0:21 (United States)

ASN16509 (AMAZON-02, US)
d31ujbw5b6hsxj.cloudfront.net
1    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2600:9000:2724:7400:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:2644:8a00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
3    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2a05:d018:cc3:fe05:7832:8de8:241e:da02 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net
capture-api.reachlocalservices.com
1    34.138.31.113 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.31.138.34.bc.googleusercontent.com
fault.rlets.com
1    35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com
tag.simpli.fi
Apex Domain
Subdomains		 Transfer
8 providenceeye.com
www.providenceeye.com
30 KB
7 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 18040
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com
fault.rlets.com — Cisco Umbrella Rank: 297694
88 KB
6 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3879
d.adroll.com — Cisco Umbrella Rank: 1844
119 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4111
995 B
4 cloudfront.net
d31ujbw5b6hsxj.cloudfront.net
177 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
309 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
15 KB
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 20971
589 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
75 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
td.doubleclick.net — Cisco Umbrella Rank: 216
558 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
209 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2385
12 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1486
86 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3512
45 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5530
2 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 4792
63 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 851
30 KB
1 wickedbadvision.org
wickedbadvision.org
341 B
0 solutionreach.com Failed
chat.solutionreach.com Failed
55 21
Domain Requested by
8 www.providenceeye.com www.providenceeye.com
code.jquery.com
5 s.adroll.com 1 redirects www.googletagmanager.com
www.providenceeye.com
s.adroll.com
4 77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com cdn.rlets.com
4 d31ujbw5b6hsxj.cloudfront.net www.providenceeye.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.providenceeye.com
2 capture-api.reachlocalservices.com cdn.rlets.com
2 www.facebook.com www.providenceeye.com
2 connect.facebook.net www.providenceeye.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com www.providenceeye.com
www.googletagmanager.com
2 www.google.com www.providenceeye.com
www.gstatic.com
2 cdn.rlets.com www.providenceeye.com
cdn.rlets.com
2 player.vimeo.com www.providenceeye.com
2 use.fontawesome.com www.providenceeye.com
use.fontawesome.com
2 stackpath.bootstrapcdn.com www.providenceeye.com
1 tag.simpli.fi cdn.rlets.com
1 fault.rlets.com
1 www.gstatic.com www.google.com
1 d.adroll.com s.adroll.com
1 www.google.co.uk www.providenceeye.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com www.providenceeye.com
1 code.jquery.com www.providenceeye.com
1 wickedbadvision.org 1 redirects
0 chat.solutionreach.com Failed www.providenceeye.com
55 27

This site contains links to these domains. Also see Links.

Domain
www.smilereminder.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
Subject Issuer Validity Valid
providenceeye.com
WE1		 2024-09-21 -
2024-12-20		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
player.vimeo.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.rlets.com
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-27		 a year crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.co.uk
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2024-09-09 -
2025-10-09		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
captureapi.localiq.com
R10		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.providenceeye.com/lp/wicked-bad-vision
Frame ID: 92FDD6F19E1A2A96083BE6EF20E6E324
Requests: 47 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-T5QETSQCPB&gacid=7181529.1727410597&gtm=45je49p0v876734802z8812535784za200zb812535784&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=1009097205
Frame ID: 19D8A750FF558E5DE94BA6119E8C5928
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/821789295?h=d04fde5f2c&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: 015A1070F801607066078FE2806F4317
Requests: 1 HTTP requests in this frame

Frame: https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/storage.html
Frame ID: 319C66A9E558ADEB088DAE2B6674E323
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfi-6YoAAAAAF_-EzbwkaVjAJG9E966t8tEUhY8&co=aHR0cHM6Ly93d3cucHJvdmlkZW5jZWV5ZS5jb206NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=9v4v9i1el1v7
Frame ID: 37AD29A8AD4B2BD3A457F6ACF4C62C53
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 99389574775F6F23D439CDE8EA4959BF
Requests: 1 HTTP requests in this frame

Frame: https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/storage.html
Frame ID: 8D44F6921C4BA6AA8F455BC56333739E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wicked Bad Vision | Providence Eye

Page URL History Show full URLs

  1. https://wickedbadvision.org/ HTTP 301
    https://www.providenceeye.com/lp/wicked-bad-vision Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

96 %
HTTPS

74 %
IPv6

21
Domains

27
Subdomains

27
IPs

6
Countries

1204 kB
Transfer

3318 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wickedbadvision.org/ HTTP 301
    https://www.providenceeye.com/lp/wicked-bad-vision Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://s.adroll.com/j/pre/YIW4UJC2WJB5VHW3WSW2P5/ZEVRJIBX3ZHP5FFUDC77QA/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wicked-bad-vision
www.providenceeye.com/lp/
Redirect Chain
  • https://wickedbadvision.org/
  • https://www.providenceeye.com/lp/wicked-bad-vision
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Craft CMS
Resource Hash
312963a7ad5df2810f773abfbd9adfe3db0d140df4ad871a10939c4ded1515ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c98addcfa9793e2-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 04:16:35 GMT
link
<https://www.providenceeye.com/lp/wicked-bad-vision>; rel="canonical"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Craft CMS
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Fri, 27 Sep 2024 04:16:35 GMT
location
https://www.providenceeye.com/lp/wicked-bad-vision
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://www.providenceeye.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
age
16617064
x-content-type-options
nosniff
date
Fri, 27 Sep 2024 04:16:36 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
12/12/2023 01:20:55
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f526089bc631951dfd85a6b4a363b89f
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8c98ade10a5077b1-LHR
access-control-allow-origin
*
cdn-edgestorageid
1070
server
cloudflare
cdn-requestcountrycode
US
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
age
384885
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKy%2F09fkxCHzcGGwyjzHiQMWUvTuuv9XVn1L4garucPDxbzEdYj8DPXAzQtwtHY0yFXZ5nMlS3zb6b3gpFVS7o9epn9vd7ai7l1G9%2B2looi%2FIdFTJRVuJwvQ4tElXbeB%2FF19GlQbArzYA57Ifa6w0tfU"}],"group":"cf-nel","max_age":604800}
cf-ray
8c98addfab696319-LHR
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 04:16:35 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:55 GMT
vary
Accept-Encoding
server
cloudflare
main.min.css
www.providenceeye.com/css/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.providenceeye.com/css/main.min.css?v=1.28
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a9cf4a65217714891f1e14b5d5d2aef4f512ec4c84e4cfecec4abe7864ab09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"66b520ec-bf8a"
x-content-type-options
nosniff
cf-ray
8c98addedbef93e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:35 GMT
content-type
text/css
last-modified
Thu, 08 Aug 2024 19:47:56 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
bd71c3eb-d447-1418-84c2-c0883a019486
chat.solutionreach.com/conversations/widget/ 		0
0
ProvEye_Est_SVG.svg
d31ujbw5b6hsxj.cloudfront.net/generic/_logo/ 		41 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31ujbw5b6hsxj.cloudfront.net/generic/_logo/ProvEye_Est_SVG.svg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4800:11:d973:adc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6ab44fa3e5d61f92a2dae6afc7e954df47df0b3358eac35646f6e73705a39a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

x-amz-cf-pop
FRA56-P2
content-encoding
br
etag
W/"42ba1e7dc211c03123540be6471f89e6"
age
79086
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yqLSQMJhcY1GDec517VAyS7sivF9p2Pj9FO1dBz9jUBOQyiGvAyXmg==
date
Thu, 26 Sep 2024 06:18:31 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 03 May 2023 19:59:56 GMT
x-amz-server-side-encryption
AES256
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Age
1686
x-backend-server
player-backend-edge-entry
expires
Fri, 27 Sep 2024 00:18:29 GMT
x-player-backend
g
x-cache
HIT
Date
Fri, 27 Sep 2024 04:16:35 GMT
Content-Type
application/javascript;charset=utf-8
x-bapp-server
x-served-by
cache-lcy-eglc8600047-LCY
x-cache-hits
613
vary
Accept-Encoding
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Cache-Control
max-age=1800
x-timer
S1727410596.833457,VS0,VE0
Connection
keep-alive
via
1.1 varnish
CF-RAY
8c98addfe8d279b5-LHR
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
11434
Server
cloudflare
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://www.providenceeye.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15851"
age
2659833
x-cache
HIT, HIT
date
Fri, 27 Sep 2024 04:16:35 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
13, 154131
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21965-LGA, cache-lcy-eglc8600082-LCY
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1727410596.784655,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30638
server
nginx
site.min.js
www.providenceeye.com/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.providenceeye.com/js/site.min.js?v=1.28
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74af9d3fa60df1d00284f164c732d8fd0e258211c9e989b9cf1c064b4db65fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"65425ca5-2f7d"
x-content-type-options
nosniff
cf-ray
8c98ade01caa93e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 01 Nov 2023 14:11:49 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
9ab47b882cb6d9f4670061b.js
cdn.rlets.com/capture_configs/77c/517/ddc/ 		184 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:7400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac8f404bdb702420559eda346c8e33d1e51d36484bfb9e09b2016ed1ce8f7c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

x-request-id
c2fc08b572c67e5ed9d03c669173f772
content-encoding
br
etag
W/"ac8f404bdb702420559eda346c8e33d1"
age
4849
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0Vl4HM2h91bseFnHmO8pCJbZot7Kt4MD2KRri9tT6EtsSS_MrHaiKg==
date
Fri, 27 Sep 2024 02:55:46 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.169779
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P12
api.js
www.google.com/recaptcha/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfi-6YoAAAAAF_-EzbwkaVjAJG9E966t8tEUhY8
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d83e4746eefdf807d11243331d923f4f34d633fb5b92a23d999403dc6b91eea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 04:16:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 27 Sep 2024 04:16:36 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
age
4976854
x-content-type-options
nosniff
date
Fri, 27 Sep 2024 04:16:36 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:03:07
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bb4b44db24368fbebae78f1351881c3e
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8c98ade1baac9566-LHR
access-control-allow-origin
*
cdn-edgestorageid
1072
server
cloudflare
cdn-requestcountrycode
FR
css
fonts.googleapis.com/ 		34 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,600i,800&display=swap
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/css/main.min.css?v=1.28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
798750e44872e8860dc7b75a7dca52a3dbe78823c5371c349799bdbb2db129d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 04:16:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:35 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 27 Sep 2024 04:16:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		300 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57TVX8L
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17f811d4651cb12baff8e600b59e9d18f0512c14dfe3c2a572b3801910ed431c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Sep 2024 04:16:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105337
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		322 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T5QETSQCPB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57TVX8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1dadea4dc74a8737fe5817216a9f1682f159e21f90ed7975a58a6441fd842881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 04:16:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107834
x-xss-protection
0
server
Google Tag Manager
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57TVX8L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
M_2AOfSDCQx2zhzkh6_SJDABrsA.7Kgg
Etag
W/"8477adc58c3f773d12fe1e360fd6ff0c"
Age
1515
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
SHVmqVam6Z4DbkBaU08XyH_DcSBb2hQmM2UvFQ0j-nd5NoJRu2cyRQ==
Date
Fri, 27 Sep 2024 03:51:23 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 22 Aug 2024 15:43:23 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
bat.js
bat.bing.com/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57TVX8L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 249D022F59324F15B6AF905AF9E7A9C2 Ref B: LON04EDGE1012 Ref C: 2024-09-27T04:16:37Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Fri, 27 Sep 2024 04:16:37 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T5QETSQCPB&gtm=45je49p0v876734802z8812535784za200zb812535784&_p=1727410596086&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&cid=7181529.1727410597&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1727410597&sct=1&seg=0&dl=https%3A%2F%2Fwww.providenceeye.com%2Flp%2Fwicked-bad-vision&dt=Wicked%20Bad%20Vision%20%7C%20Providence%20Eye&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other&ep.dlv_patient_status=%7Bdlv%20-%20Patient%20Status%7D%7D&tfd=2538
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5QETSQCPB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.providenceeye.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:37 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
558 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T5QETSQCPB&cid=7181529.1727410597&gtm=45je49p0v876734802z8812535784za200zb812535784&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5QETSQCPB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.providenceeye.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:37 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 19D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-T5QETSQCPB&gacid=7181529.1727410597&gtm=45je49p0v876734802z8812535784za200zb812535784&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=1009097205
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5QETSQCPB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.providenceeye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 27 Sep 2024 04:16:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T5QETSQCPB&cid=7181529.1727410597&gtm=45je49p0v876734802z8812535784za200zb812535784&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685~101747727&tag_exp=101671035~101686685~101747727&z=1189634622
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 04:16:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/YIW4UJC2WJB5VHW3WSW2P5/ZEVRJIBX3ZHP5FFUDC77QA/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
HTTP/1.1
Server
2600:9000:2644:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
83682
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Rbdwmuk4SiVIR7CBziU_DWRv59-x0hdYDyw4_t8wRz2dVOuppBcy6Q==
Date
Thu, 26 Sep 2024 05:01:56 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256

Redirect headers

Access-Control-Max-Age
600
Age
70620
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
0n2WhUOYmEzqHo8E44ftkZPY1_jjXxAKh-AFkBancszBl_lCpC-NSg==
Date
Thu, 26 Sep 2024 08:39:36 GMT
Content-Type
application/xml
Access-Control-Allow-Headers
*
Location
https://s.adroll.com/j/pre/index.js
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
index.js
s.adroll.com/j/pre/YIW4UJC2WJB5VHW3WSW2P5/ZEVRJIBX3ZHP5FFUDC77QA/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/YIW4UJC2WJB5VHW3WSW2P5/ZEVRJIBX3ZHP5FFUDC77QA/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
Kxdzj5DcBi5oFnNkwXRlS9bZ0ewirmxm
Etag
W/"706be4fd28aeb971d2ff83a528c2073a"
Access-Control-Allow-Methods
GET
X-Cache
RefreshHit from cloudfront
X-Amz-Cf-Id
eHPyxxPT4gEylLzGToxM5wQ_BNcd6KnwxZ1tORXnzr0_Xi3OvqWxtw==
Date
Fri, 27 Sep 2024 04:16:39 GMT
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Last-Modified
Tue, 24 Sep 2024 12:39:03 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
YIW4UJC2WJB5VHW3WSW2P5
d.adroll.com/consent/check/ 		575 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/YIW4UJC2WJB5VHW3WSW2P5?flg=1&pv=5425262100.643158&arrfrr=https%3A%2F%2Fwww.providenceeye.com%2Flp%2Fwicked-bad-vision&_s=749c8735a34eceb51291bcc5125883fa&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:7832:8de8:241e:da02 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
c5d7e66e7eae8fd61ad11dea609310137b17f16fbccec327c2bfb017ad0163b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-length
575
date
Fri, 27 Sep 2024 04:16:38 GMT
content-type
application/javascript
server
nginx/1.22.1
26091488.js
bat.bing.com/p/action/ 		371 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26091488.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FF5259F5E96940CDA6E72A187CB77C2F Ref B: LON04EDGE1012 Ref C: 2024-09-27T04:16:38Z
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 04:16:38 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
consent_tcfv2.js
s.adroll.com/j/ 		418 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd9ba351bcf10edc05da17c976144a7da00f2f3909c8dfc7676d4ad198c67d2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
ft0d4SxQFjtX2yRI.ObDFGK8L5eXjaSF
Etag
W/"eae3ce750eff0d9eb6f3921cae0fe05c"
Age
298
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
d_FMv0sFle4bmaOgSmyqMP95bR--Rz3ionUm_HeZlMzqVkid3_EuEA==
Date
Fri, 27 Sep 2024 04:11:41 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 22 Aug 2024 16:05:42 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T5QETSQCPB&gtm=45je49p0v876734802za200zb812535784&_p=1727410596086&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&cid=7181529.1727410597&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1727410597&sct=1&seg=0&dl=https%3A%2F%2Fwww.providenceeye.com%2Flp%2Fwicked-bad-vision&dt=Wicked%20Bad%20Vision%20%7C%20Providence%20Eye&en=scroll&ep.content_group=Other&ep.dlv_patient_status=%7Bdlv%20-%20Patient%20Status%7D%7D&epn.percent_scrolled=90&_et=34&tfd=7577
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5QETSQCPB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.providenceeye.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 04:16:42 GMT
content-type
text/plain
server
Golfe2
821789295
player.vimeo.com/video/ Frame 015A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/821789295?h=d04fde5f2c&badge=0&autopause=0&player_id=0&app_id=58479
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.providenceeye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8c98ae44b9cf9495-LHR
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 Sep 2024 04:16:52 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-784878c969-67zl4
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-784878c969-67zl4
x-player-backend
g
x-served-by
cache-lcy-eglc8600026-LCY
x-timer
S1727410612.968226,VS0,VE339
x-xss-protection
1; mode=block
dot-grid.svg
www.providenceeye.com/images/ 		30 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.providenceeye.com/images/dot-grid.svg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/css/main.min.css?v=1.28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f19cd8f313e66a25a1bb57a8091e2fbba3095ec32e2d4c00eec976430d8cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/css/main.min.css?v=1.28

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"64150b31-779f"
x-content-type-options
nosniff
cf-ray
8c98ae43f99b93e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:51 GMT
content-type
image/svg+xml
last-modified
Sat, 18 Mar 2023 00:52:01 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,600i,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://fonts.googleapis.com/

Response headers

age
76606
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 07:00:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 07:00:05 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,600i,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://fonts.googleapis.com/

Response headers

age
253622
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 05:49:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 05:49:49 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"5e2f92123d241cabecf0b289b9b08d4a"
age
397632
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLC6gVp3Nqwu1FCIpKfNNfqRcJOa0KqSJF7ez6XsVN9xUETJzVdBcwXwL7OGkGYJneKlnH0RFXzKJw6GvEP8FnqvAmrKEPxKHLnUhmfYET3%2BsttxkbTs61fdp1pFSk6Mu3Ppi3pjUU3GcEg1ieLUA8Qi"}],"group":"cf-nel","max_age":604800}
cf-ray
8c98ae44cbfa4084-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
74768
date
Fri, 27 Sep 2024 04:16:51 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
vary
Origin, Accept-Encoding
server
cloudflare
DSC06281_EDITED-8.21.19.jpg
d31ujbw5b6hsxj.cloudfront.net/generic/Photo-Shoot-August-2019/_headerImage/26967/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31ujbw5b6hsxj.cloudfront.net/generic/Photo-Shoot-August-2019/_headerImage/26967/DSC06281_EDITED-8.21.19.jpg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4800:11:d973:adc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8da60fca62eb387e63f838175630adb76c8cd2fee9103cf45419dd63f9a006bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

etag
"83a7c706dabe26cfe24d2bfa0c0c639a"
age
33884
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
58463
x-amz-cf-id
RCpRdd-VTRerWRSpwXgMRbt8hzdZ5NSSRD8s8HUvuSaj5QKbakqq0g==
date
Thu, 26 Sep 2024 18:52:08 GMT
content-type
image/jpeg
last-modified
Wed, 03 May 2023 19:50:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
Cross-Section-of-Eye-with-EVO-vertical-1.jpg
d31ujbw5b6hsxj.cloudfront.net/generic/ICL/_zPattern/54274/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31ujbw5b6hsxj.cloudfront.net/generic/ICL/_zPattern/54274/Cross-Section-of-Eye-with-EVO-vertical-1.jpg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4800:11:d973:adc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca1b3d22fa2905494f945a13371e9c6d6d5edf6d1128be17624849751ac0b1c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

etag
"3463c581fdc7b67e4e8bc8ad54183081"
age
33883
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
49198
x-amz-cf-id
q_CbebNKrEaeaSAQQcDa2xcIIGRVpQ7G2i1p4rqQGrq3syBcanTFfQ==
date
Thu, 26 Sep 2024 18:52:09 GMT
content-type
image/jpeg
last-modified
Wed, 03 May 2023 19:53:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
REDEFINEU_02.11.23PROVIDENCEEYE-00327.jpg
d31ujbw5b6hsxj.cloudfront.net/generic/_zPattern/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31ujbw5b6hsxj.cloudfront.net/generic/_zPattern/REDEFINEU_02.11.23PROVIDENCEEYE-00327.jpg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4800:11:d973:adc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ca63292f4f5643a7fdedde3738995d802631f3787b4efa854f0dc52703f88d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

etag
"3313fd86c31ea962f405ea10017610d5"
age
33883
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
63079
x-amz-cf-id
-gshS5UbQwIv25X_VtMrSSK4Qo9DnhV8-wKOAdMgPOF61a5Yj0B_uA==
date
Thu, 26 Sep 2024 18:52:09 GMT
content-type
image/jpeg
last-modified
Wed, 07 Jun 2023 20:44:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
popup
www.providenceeye.com/ebooks/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.providenceeye.com/ebooks/popup?entryid=60442
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Craft CMS
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.providenceeye.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
link
<https://www.providenceeye.com/ebooks/popup>; rel="canonical"
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c98ae4429bc93e2-LHR
date
Fri, 27 Sep 2024 04:16:52 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
Craft CMS
server
cloudflare
x-frame-options
SAMEORIGIN
recaptcha__en.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 		538 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfi-6YoAAAAAF_-EzbwkaVjAJG9E966t8tEUhY8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.providenceeye.com
Referer
https://www.providenceeye.com/

Response headers

content-encoding
gzip
age
54002
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 13:16:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 13:16:49 GMT
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
217247
x-xss-protection
0
server
sffe
storage.html
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/ Frame 319C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.providenceeye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Fri, 27 Sep 2024 04:16:52 GMT
last-modified
Wed, 21 Aug 2024 16:44:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26091488&tm=gtm002&Ver=2&mid=071ea1e9-ccbe-497d-aa3c-d81c268e77f5&sid=528c16407c8711efb62c19fcc5afbf28&vid=528c82a07c8711ef9799c9cfbb5ef32c&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Wicked%20Bad%20Vision%20%7C%20Providence%20Eye&p=https%3A%2F%2Fwww.providenceeye.com%2Flp%2Fwicked-bad-vision&r=&lt=17272&evt=pageLoad&sv=1&cdb=AQoV&rn=760523
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17B15D1ED80B4576AE3E6C58DE4B142C Ref B: LON04EDGE1012 Ref C: 2024-09-27T04:16:51Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 04:16:51 GMT
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5676, tp=10, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
yt7wDb43B/vhOD1iBTrgpsANenWY12J7OZYIBoH6qO24JyvgQBx9VvciBRYKnYAM2j0P/8gi/fI7sDJPjwmo5g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59070
x-xss-protection
0
origin-agent-cluster
?0
shape-3.svg
www.providenceeye.com/images/ 		2 KB
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.providenceeye.com/images/shape-3.svg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/css/main.min.css?v=1.28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e547e2b4080c3df013723970f664619f3913701534808c6c0d6aa5ab7b039b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/css/main.min.css?v=1.28

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"64150b31-715"
x-content-type-options
nosniff
cf-ray
8c98ae44aa1593e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
image/svg+xml
last-modified
Sat, 18 Mar 2023 00:52:01 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
shape-4.svg
www.providenceeye.com/images/ 		1 KB
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.providenceeye.com/images/shape-4.svg
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/css/main.min.css?v=1.28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb3a46f684d0285f66fd5d673cae74251b98f5b8b95bbb10329308fbeebd321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/css/main.min.css?v=1.28

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"64150b31-5dd"
x-content-type-options
nosniff
cf-ray
8c98ae44ba1e93e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
image/svg+xml
last-modified
Sat, 18 Mar 2023 00:52:01 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
497573307067611
connect.facebook.net/signals/config/ 		83 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/497573307067611?v=2.9.168&r=stable&domain=www.providenceeye.com&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a90e3e9a17a11483e94c4c5d6d90acb51eab797f987f3226795e35eaaafb9c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=68474, tp=64, tpl=0, uplat=161, ullat=0
pragma
public
x-fb-debug
HmqiU6TMNLIX0wIrYF1I9ZIFshMm6kCE2NBUcC0Ph0HpXc/kAtZS7zBiFT1EoGSMYV0PaL5CHSBKIpafcDvMTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
anchor
www.google.com/recaptcha/api2/ Frame 37AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfi-6YoAAAAAF_-EzbwkaVjAJG9E966t8tEUhY8&co=aHR0cHM6Ly93d3cucHJvdmlkZW5jZWV5ZS5jb206NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=9v4v9i1el1v7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XfW7Al9ICJtihWo-YOpGnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.providenceeye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XfW7Al9ICJtihWo-YOpGnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Sep 2024 04:16:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?batch=1&events[0]=id%3D497573307067611%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.providenceeye.com%26rl%3D%26if%3Dfalse%26ts%3D1727410612354%26sw%3D1600%26sh%3D1200%26v%3D2.9.168%26r%3Dstable%26a%3Dtmgoogletagmanager%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1727410612349.727286031218334682%26cs_est%3Dtrue%26pm%3D1%26hrl%3Dbd5071%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727410612125%26coo%3Dfalse%26cs_cc%3D1%26cas%3D7623315027717970%252C24737604592549957%26exp%3Df1&rqm=GET
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=497573307067611&ev=PageView&dl=https%3A%2F%2Fwww.providenceeye.com&rl=&if=false&ts=1727410612354&sw=1600&sh=1200&v=2.9.168&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1727410612349.727286031218334682&cs_est=true&pm=1&hrl=bd5071&ler=empty&cdl=API_unavailable&it=1727410612125&coo=false&cs_cc=1&cas=7623315027717970%2C24737604592549957&exp=f1&rqm=FGET
Requested by
Host: www.providenceeye.com
URL: https://www.providenceeye.com/lp/wicked-bad-vision
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419172085501011189"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 04:16:52 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419172085501011189", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
xpWzTMpflgVY0YXnnOwXG+mmU4EU5UfWG6YRVzE4S4FqDxzsbI5zlIEcfauTllbs8Qp6eZeC3Eyx2Bo4ubswdA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1392, tbw=3111, tp=-1, tpl=-1, uplat=120, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
originCountry
capture-api.reachlocalservices.com/ 		36 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
/
Resource Hash
22cf051cb6374ac9edc083ae947200b04db763f7618f0539fb66274479fe38e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.providenceeye.com/

Response headers

x-amz-apigw-id
evy0aGw0vHcEQMw=
x-amzn-trace-id
Root=1-66f631b5-1db32f8d12099f2c5bae751d;Parent=72a3f2cbf306e61f;Sampled=0;lineage=1:a245b58f:0
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid
b8a385bc-1437-4b99-81ae-6f076bcdd925
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
36
x-amz-cf-id
QIPoQJrBJWmfX461o9bV2kQGFwPpd0SaXhbMxxYaBUFEy26F9RS_qg==
date
Fri, 27 Sep 2024 04:16:53 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.providenceeye.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 27 Sep 2024 04:16:53 GMT
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-apigw-id
evy0VFqXvHcEC3w=
x-amz-cf-id
ogov8KOIbQWPnCfSyOEVggIIwl8liVdc9pu75inbuYvwIr_vTyklhQ==
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
5b620fb9-4094-4629-82cf-d86bb597ca6d
x-cache
Miss from cloudfront
favicon.ico
www.providenceeye.com/images/ 		1 KB
767 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.providenceeye.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:305a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f08ccef68afe8152a74b1a19e62e357228729e5286cce0842a210905e984dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"64150b31-47e"
x-content-type-options
nosniff
cf-ray
8c98ae4bafb293e2-LHR
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 04:16:53 GMT
content-type
image/x-icon
last-modified
Sat, 18 Mar 2023 00:52:01 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
_.gif
fault.rlets.com/static/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fault.rlets.com/static/_.gif?s=77c517dd-c9ab-47b8-82cb-6d9f4670061b&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
1cf3eb372fe7a36afa1bc29c383030b7
cache-control
private
etag
W/"42b976597a2d977d0e300f6d06bc903d"
content-transfer-encoding
binary
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Fri, 27 Sep 2024 04:16:54 GMT
content-type
image/gif
content-disposition
inline
x-runtime
0.002241
access-control-allow-headers
Content-Type
capture.js
cdn.rlets.com/capture_static/mms/ Frame 9938 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/capture.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:7400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop
FRA56-P12
content-encoding
br
etag
W/"04724134d571b7964120d72a52caedb0"
age
31382
via
1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
-6-243jIctwN3BQ6st2Zx2HUk6tYlUtXbPP_nbOFADo580wyS6IkFA==
date
Thu, 26 Sep 2024 19:34:20 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 25 Sep 2024 18:31:52 GMT
x-amz-server-side-encryption
AES256
d9a5dd70-50f0-0134-a365-0cc47abc2b4e
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.providenceeye.com/lp/wicked-bad-vision

Response headers

x-request-id
F_j-zRJvuqZ3y1YlkDPB
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Fri, 27 Sep 2024 04:16:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
visits
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/api/v1/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/api/v1/visits
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/77c/517/ddc/9ab47b882cb6d9f4670061b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.providenceeye.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
5163908ed0c3ab3a70252735c4c8a0ca
cache-control
no-cache
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Fri, 27 Sep 2024 04:16:54 GMT
content-type
text/html
x-runtime
0.007663
access-control-allow-headers
Content-Type
visits
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/api/v1/visits
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.providenceeye.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html
date
Fri, 27 Sep 2024 04:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
ALLOWALL
x-request-id
0c4e75619e1e77a75ff864b96fe3888e
x-runtime
0.002402
storage.html
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/ Frame 8D44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Fri, 27 Sep 2024 04:16:52 GMT
last-modified
Wed, 21 Aug 2024 16:44:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chat.solutionreach.com
URL
https://chat.solutionreach.com/conversations/widget/bd71c3eb-d447-1418-84c2-c0883a019486

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer function| onloadCallback object| google_tag_manager object| google_tag_data string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| onYouTubeIframeAPIReady object| gaGlobal string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll object| adroll_loaded object| adroll_callbacks function| adroll_tpc_callback function| UET function| UET_init function| UET_push object| ueto_e38cc7c40d object| uetq function| __cmp function| __tcfapi object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country function| __gpp object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam function| $ function| jQuery object| snickerdoodle object| ux object| videos object| popups object| blog object| nav object| forms object| evalForm object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit object| bootstrap object| rl_widget_cfg object| RLCAP object| captureStatus function| fbq function| _fbq object| recaptcha object| closure_lm_411167 object| RL object| sifi_att_42656

24 Cookies

Domain/Path Name / Value
.providenceeye.com/ Name: __cf_bm
Value: 9hHvqBnO4e3NkiFKiEIwNzg2T9bGCaKDhihHAdpy3j8-1727410595-1.0.1.1-VcuvYGoPJXI_jHW6pPOQLBOJxJXYPqLEvdP18ycZ6df7PMWNGKDmIfmend1gc5s0fr3ukkikitNiC2.xE2n0zw
.providenceeye.com/ Name: _gcl_au
Value: 1.1.1943795030.1727410597
.providenceeye.com/ Name: _ga
Value: GA1.1.7181529.1727410597
.providenceeye.com/ Name: _ga_T5QETSQCPB
Value: GS1.1.1727410597.1.0.1727410597.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.providenceeye.com/ Name: _uetsid
Value: 528c16407c8711efb62c19fcc5afbf28
.providenceeye.com/ Name: _uetvid
Value: 528c82a07c8711ef9799c9cfbb5ef32c
.bing.com/ Name: MUID
Value: 1CDE94EA335E6F812FCB81ED32BE6EBE
.providenceeye.com/ Name: _fbp
Value: fb.1.1727410612349.727286031218334682
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: test
Value: test
.vimeo.com/ Name: vuid
Value: pl94971653.202853640
.vimeo.com/ Name: __cf_bm
Value: .95VLlfAV0ThP_DNeOHGK7hYFqiBXZxYLJp80j2Q1lA-1727410612-1.0.1.1-Efn_g.4mvZzuESY4tAzijbIOcd22x7VD._tI7DAxk8.iX9SKkg8_f0vN.kpo9bPY
.vimeo.com/ Name: _cfuvid
Value: wxXFZHU2UmR79JHcS.r_8wGGFW6e63lj1bWPlVV67sE-1727410612956-0.0.1.1-604800000
www.providenceeye.com/ Name: rl_visitor_history
Value: 7392569a-b112-4dc4-9661-c52549d6c1fc
www.providenceeye.com/ Name: sifi_user_id
Value: undefined
.providenceeye.com/ Name: capture_storage
Value: %7B%2277c517dd-c9ab-47b8-82cb-6d9f4670061b%22%3A%7B%22visitor_id%22%3A%227392569a-b112-4dc4-9661-c52549d6c1fc%22%7D%7D
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: bot_type
Value:
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: history_campaign
Value:
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: history_referrer_type
Value: DIRECT
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: last_activity_at
Value: 1727410613674
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: visitor_id
Value: 7392569a-b112-4dc4-9661-c52549d6c1fc
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: sifi_user_id
Value:
77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com/ Name: visit_id
Value: 907ec845-8dea-4fdf-aef4-cebe7fdcd5fc
.simpli.fi/ Name: suid
Value: AB16064A82884A76ACDCF936CFB270FB

2 Console Messages

Source Level URL
Text
network error URL: https://chat.solutionreach.com/conversations/widget/bd71c3eb-d447-1418-84c2-c0883a019486
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
other warning URL: https://www.providenceeye.com/lp/wicked-bad-vision(Line 161)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77c517dd-c9ab-47b8-82cb-6d9f4670061b.rlets.com
bat.bing.com
capture-api.reachlocalservices.com
cdn.rlets.com
chat.solutionreach.com
code.jquery.com
connect.facebook.net
d.adroll.com
d31ujbw5b6hsxj.cloudfront.net
fault.rlets.com
fonts.googleapis.com
fonts.gstatic.com
player.vimeo.com
region1.analytics.google.com
s.adroll.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tag.simpli.fi
td.doubleclick.net
use.fontawesome.com
wickedbadvision.org
www.facebook.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.providenceeye.com
chat.solutionreach.com
162.159.128.61
162.159.138.60
18.66.147.58
2001:4860:4802:34::36
2600:9000:223c:4800:11:d973:adc0:21
2600:9000:2644:8a00:6:9280:1080:93a1
2600:9000:2724:7400:6:9a19:88c0:93a1
2606:4700:10::6816:305a
2606:4700:3036::6815:1b98
2606:4700::6812:acf
2620:1ec:33::10
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c1d::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::649
2a05:d018:cc3:fe05:7832:8de8:241e:da02
34.138.31.113
34.168.224.78
35.234.162.151
74.207.228.80
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
14e547e2b4080c3df013723970f664619f3913701534808c6c0d6aa5ab7b039b
17f811d4651cb12baff8e600b59e9d18f0512c14dfe3c2a572b3801910ed431c
1dadea4dc74a8737fe5817216a9f1682f159e21f90ed7975a58a6441fd842881
22cf051cb6374ac9edc083ae947200b04db763f7618f0539fb66274479fe38e9
2a90e3e9a17a11483e94c4c5d6d90acb51eab797f987f3226795e35eaaafb9c4
2ca63292f4f5643a7fdedde3738995d802631f3787b4efa854f0dc52703f88d6
30f08ccef68afe8152a74b1a19e62e357228729e5286cce0842a210905e984dd
312963a7ad5df2810f773abfbd9adfe3db0d140df4ad871a10939c4ded1515ec
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
74af9d3fa60df1d00284f164c732d8fd0e258211c9e989b9cf1c064b4db65fb3
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
798750e44872e8860dc7b75a7dca52a3dbe78823c5371c349799bdbb2db129d0
7cb3a46f684d0285f66fd5d673cae74251b98f5b8b95bbb10329308fbeebd321
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6
8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284
8da60fca62eb387e63f838175630adb76c8cd2fee9103cf45419dd63f9a006bf
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8f404bdb702420559eda346c8e33d1e51d36484bfb9e09b2016ed1ce8f7c48
b2f19cd8f313e66a25a1bb57a8091e2fbba3095ec32e2d4c00eec976430d8cdb
c5d7e66e7eae8fd61ad11dea609310137b17f16fbccec327c2bfb017ad0163b1
ca1b3d22fa2905494f945a13371e9c6d6d5edf6d1128be17624849751ac0b1c4
d83e4746eefdf807d11243331d923f4f34d633fb5b92a23d999403dc6b91eea7
d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dd9ba351bcf10edc05da17c976144a7da00f2f3909c8dfc7676d4ad198c67d2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab44fa3e5d61f92a2dae6afc7e954df47df0b3358eac35646f6e73705a39a9
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a9cf4a65217714891f1e14b5d5d2aef4f512ec4c84e4cfecec4abe7864ab09