urlscan.io logo urlscan.io
SecurityTrails logo

rightsleeping.com Open in urlscan Pro
34.174.103.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Submission: On November 29 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 58 HTTP transactions. The main IP is 34.174.103.16, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rightsleeping.com.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time rightsleeping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 30 34.174.103.16 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
6 142.250.198.3 15169 (GOOGLE)
1 108.158.32.82 16509 (AMAZON-02)
2 108.158.20.116 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:277... 16509 (AMAZON-02)
1 2 52.8.103.62 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 157.240.8.35 32934 (FACEBOOK)
1 18.67.110.58 16509 (AMAZON-02)
1 18.65.244.76 16509 (AMAZON-02)
1 108.128.190.134 16509 (AMAZON-02)
2 23.40.52.19 20940 (AKAMAI-AS...)
1 52.76.92.93 16509 (AMAZON-02)
1 13.56.46.87 16509 (AMAZON-02)
58 19
30    34.174.103.16 (Dallas, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.103.174.34.bc.googleusercontent.com
rightsleeping.com
2    2404:6800:4006:80b::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4004:813::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    142.250.198.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f3.1e100.net
fonts.gstatic.com
1    108.158.32.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-82.syd3.r.cloudfront.net
static.hotjar.com
2    108.158.20.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-116.syd62.r.cloudfront.net
platform-api.sharethis.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    2606:4700:10::ac43:14b1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.clkmc.com
1    2600:9000:277c:5e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    52.8.103.62 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-103-62.us-west-1.compute.amazonaws.com
l.sharethis.com
1    2404:6800:4006:80a::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    18.67.110.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-58.syd62.r.cloudfront.net
script.hotjar.com
1    18.65.244.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-76.syd3.r.cloudfront.net
vc.hotjar.io
1    108.128.190.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
content.hotjar.io
2    23.40.52.19 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-40-52-19.deploy.static.akamaitechnologies.com
t.sharethis.com
1    52.76.92.93 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-92-93.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    13.56.46.87 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-46-87.us-west-1.compute.amazonaws.com
sync.sharethis.com
Apex Domain
Subdomains		 Transfer
30 rightsleeping.com
rightsleeping.com
5 MB
8 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
t.sharethis.com — Cisco Umbrella Rank: 7050
sync.sharethis.com — Cisco Umbrella Rank: 4116
63 KB
6 gstatic.com
fonts.gstatic.com
62 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181
content.hotjar.io — Cisco Umbrella Rank: 5577
402 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
179 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
695 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 148674
21 KB
58 12
Domain Requested by
30 rightsleeping.com 1 redirects rightsleeping.com
6 fonts.gstatic.com fonts.googleapis.com
2 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
2 www.facebook.com rightsleeping.com
2 l.sharethis.com 1 redirects rightsleeping.com
2 connect.facebook.net rightsleeping.com
connect.facebook.net
2 platform-api.sharethis.com www.googletagmanager.com
platform-api.sharethis.com
2 www.googletagmanager.com rightsleeping.com
www.googletagmanager.com
2 fonts.googleapis.com rightsleeping.com
1 sync.sharethis.com
1 bcp.crwdcntrl.net platform-api.sharethis.com
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 cdn.clkmc.com www.googletagmanager.com
1 static.hotjar.com rightsleeping.com
58 18

This site contains no links.

Subject Issuer Validity Valid
*.rightsleeping.com
R11		 2024-11-22 -
2025-02-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-08 -
2024-12-07		 3 months crt.sh
clkmc.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
cert1-prod.aut.a24365.net
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rightsleeping.com/ad/derila-us-ad-5/
Frame ID: 21CCF2E23C16F0F1E25481999226C0C8
Requests: 56 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1601.23404&cid=c010&cls=B
Frame ID: C6891CD87AF9F5E79BAAA53C70017EF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5 Reasons Why You Need The Derila Pillow

Page URL History Show full URLs

  1. https://rightsleeping.com/ad/derila-us-ad-5 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-5/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

97 %
HTTPS

28 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

5684 kB
Transfer

7187 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rightsleeping.com/ad/derila-us-ad-5 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e98a5814-d1e2-4d50-84b9-cb26558dc6eb HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e98a5814-d1e2-4d50-84b9-cb26558dc6eb&samesite=None

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rightsleeping.com/ad/derila-us-ad-5/
Redirect Chain
  • https://rightsleeping.com/ad/derila-us-ad-5
  • https://rightsleeping.com/ad/derila-us-ad-5/
57 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb61c5b6f9e9a4087b8112d2ea51c654f1368f2d83a3c9fd2b4760f5a2304806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://rightsleeping.com/wp-json/>; rel="https://api.w.org/" <https://rightsleeping.com/wp-json/wp/v2/ad/1525>; rel="alternate"; title="JSON"; type="application/json" <https://rightsleeping.com/?p=1525>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 23:41:44 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://rightsleeping.com/ad/derila-us-ad-5/
server
nginx
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
x-redirect-by
WordPress
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
slick.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		2 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-6f0"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
slick-theme.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		3 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick-theme.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-c49"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-library/ 		112 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1c012"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/components/ 		86 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/components/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-158b7"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/preferences/ 		1 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/preferences/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-5bb"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-editor/ 		115 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1ca2a"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/reusable-blocks/ 		542 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-21e"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/patterns/ 		2 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/patterns/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-6ed"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/editor/ 		58 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-e7a3"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
blocks.style.build.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/ 		1 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/blocks.style.build.css
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-411"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 23:41:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 23:41:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 23:04:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
widget-areas.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/components/ 		3 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-d1c"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
main.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-4c38"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
style.css
rightsleeping.com/wp-content/themes/generatepress_child/ 		255 B
379 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress_child/style.css?ver=1659802030
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"62ee91ae-ff"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Sat, 06 Aug 2022 16:07:10 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		16 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99cd643907dc8e8fec0290f21b770f5262ea89ef56bffd1ce74ed548567fa716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 23:41:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 23:41:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 23:41:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
rightsleeping.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c1944-15601"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 08 Nov 2023 23:27:00 GMT
server
nginx
vary
Accept-Encoding
jquery-migrate.min.js
rightsleeping.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"64d557c0-3509"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 10 Aug 2023 21:33:52 GMT
server
nginx
vary
Accept-Encoding
slick.js
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-15b7b"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
logo-1.png
rightsleeping.com/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1.png
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

cache-control
max-age=31536000
etag
"62eecfa7-266b"
expires
Sat, 29 Nov 2025 23:41:45 GMT
accept-ranges
bytes
content-length
9835
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Sat, 06 Aug 2022 20:31:35 GMT
server
nginx
x-proxy-cache-info
DT:1
smooth-scroll.min.js
rightsleeping.com/wp-content/plugins/gp-premium/general/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d3245c-1ae3"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Sat, 31 Aug 2024 14:10:36 GMT
server
nginx
vary
Accept-Encoding
ta.js
rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.11.2
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"667a3735-2bc0"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 03:19:17 GMT
server
nginx
vary
Accept-Encoding
menu.min.js
rightsleeping.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-1ca5"
expires
Sat, 29 Nov 2025 23:41:45 GMT
date
Fri, 29 Nov 2024 23:41:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
9b6aa9eb-3d6e-4547-bccd-0318b997f14a
https://rightsleeping.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4eaf4d34191ffe1ddbc27b6bf8dffbbc6d813db2a19fc8269b4b7a1c494a27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 29 Nov 2024 23:41:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 23:41:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 29 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77920
x-xss-protection
0
server
Google Tag Manager
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
17410
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:51:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:51:36 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
15831
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 19:17:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 19:17:55 GMT
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24768
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
71575
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 03:48:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 03:48:51 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
588218
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 04:18:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:18:08 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
58259
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 07:30:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:30:47 GMT
last-modified
Fri, 22 Mar 2024 00:00:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
66677
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 05:10:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 05:10:29 GMT
last-modified
Fri, 22 Mar 2024 00:00:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
Derila-v9.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v9.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16d59e4b565f28a3b75317b289240e806bc65a2f7f201a8b680e559ff077f806

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b656f3-20a3c5"
Content-Range
bytes 0-2139076/2139077
expires
Sat, 29 Nov 2025 23:41:46 GMT
Content-Length
2139077
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 09:10:11 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v11.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		943 KB
944 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v11.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fee6f31d9b17216938a66f16155cde2e48069dec78476d41376a52f506d4f6a8

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b65983-eba57"
Content-Range
bytes 0-965206/965207
expires
Sat, 29 Nov 2025 23:41:46 GMT
Content-Length
965207
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 09:21:07 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v17.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		266 KB
266 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v17.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dbcb2a71a488ca32a43d4fac2fb658fcccf4b1db204a18476af79c0f79e78ec

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b67e61-4270f"
Content-Range
bytes 0-272142/272143
expires
Sat, 29 Nov 2025 23:41:46 GMT
Content-Length
272143
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 11:58:25 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v13.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v13.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de32121808b4c71fb8ee5e8aae85d0020cba63d055c73f61acc1438ddb689f84

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b6793c-109b74"
Content-Range
bytes 0-1088371/1088372
expires
Sat, 29 Nov 2025 23:41:46 GMT
Content-Length
1088372
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 11:36:28 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v19.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		710 KB
711 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v19.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4d5c0f1821f844cd5387a7ef6af33ffcf528d80fc2f7e36329d4259be84bd43

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b6815d-b16aa"
Content-Range
bytes 0-726697/726698
expires
Sat, 29 Nov 2025 23:41:46 GMT
Content-Length
726698
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 12:11:09 GMT
server
nginx
x-proxy-cache-info
DT:1
wp-emoji-release.min.js
rightsleeping.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660de70a-4926"
expires
Sat, 29 Nov 2025 23:41:46 GMT
date
Fri, 29 Nov 2024 23:41:46 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 23:32:26 GMT
server
nginx
vary
Accept-Encoding
admin-ajax.php
rightsleeping.com/wp-admin/ 		455 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-admin/admin-ajax.php
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5cd39f6c631f1c8a143c274efeb97d4584034f4566b164d919bb024943351ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Fri, 29 Nov 2024 23:41:46 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://rightsleeping.com
host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
server
nginx
js
www.googletagmanager.com/gtag/ 		299 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4bk0v893062484za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e861d200038e880398b15b3ad25504157f3696bd4e6b117b2a2cba6a078cbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 23:41:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 23:41:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104742
x-xss-protection
0
server
Google Tag Manager
hotjar-3140239.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-82.syd3.r.cloudfront.net
Software
/
Resource Hash
525c58020ee6c8c1d08f5392b4021faabb00c4e36f3570795b96a6cbf85635fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/1ddab92eddde20e3081563845dae9ce6
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 8902bdfd4bf51d2d735e85d0656d36ae.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
FN0X69nlWeL_KN4hzBG6a9chvfRD0uqEUk745f7mzt72tJPTiN64iw==
date
Fri, 29 Nov 2024 23:41:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
SYD3-P2
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-116.syd62.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
77
via
1.1 08a9275888c86859e545bc29de28a412.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fZ6yXStixyuU-9ZyJWmex18SqwRJht1mQZ7NG_Ri3Zl92IXg2-YYnw==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Fri, 29 Nov 2024 23:40:29 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-SW7fwjx8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 23:41:46 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-SW7fwjx8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4420, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
dRojdXaudJbecZ1pqjcld4tNx+tNp3XULjy6hJ/gdMz+ai97Ev3FtA7beoQ1KRFHczWL8JwaFKlG1uVUtWeCQw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
cmc.js
cdn.clkmc.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
300
cf-cache-status
HIT
etag
"66e1cc81-527f"
age
15990
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 29 Dec 2024 19:15:15 GMT
date
Fri, 29 Nov 2024 23:41:46 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 16:59:45 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
public, max-age=2592000, no-transform
pragma
public
access-control-allow-credentials
true
cf-ray
8ea6734f1f76e7e1-SYD
accept-ranges
bytes
content-length
21119
server
cloudflare
1436609853526364
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1436609853526364?v=2.9.176&r=stable&domain=rightsleeping.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
1f2965b76922e51b48a5682acd6bb749889c7eab0c5d802e39e786777faf22cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YD0SDORP' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 23:41:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YD0SDORP' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=76, mss=1232, tbw=70244, tp=65, tpl=0, uplat=251, ullat=0
pragma
public
x-fb-debug
wYy92wIPj9imfgpYkDI1670Prf2/dtVIwKvzkYbmbvLU34EzqneZXKQRUtljeAhdNx+mTN+9iT7hVmNmGzCF3w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
62ef670c899767001cf551f5.js
buttons-config.sharethis.com/js/ 		591 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/62ef670c899767001cf551f5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:5e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=60
etag
"003fac9805946cf8bd2244181e9c96ca"
via
1.1 9478009849c2f6b9551c4c5c23842910.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
591
x-amz-cf-id
hVGc_WWg-HGb_0Z97VfVV1AH3G7JAzNHZfwzQcQB45CxbhYdWs89eQ==
date
Fri, 29 Nov 2024 23:41:48 GMT
content-type
text/javascript
last-modified
Sun, 07 Aug 2022 07:31:10 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&...
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcm...
176 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e98a5814-d1e2-4d50-84b9-cb26558dc6eb&samesite=None
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
HTTP/1.1
Server
52.8.103.62 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-103-62.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1dfe67d92d42783cbe648b93261eeecd83fce7f8eaa8228a86984be439efb379
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZHiAAmdKUTsAAAAJO+m4Aw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
176
Date
Fri, 29 Nov 2024 23:41:47 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
*

Redirect headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Location
/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e98a5814-d1e2-4d50-84b9-cb26558dc6eb&samesite=None
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZHiAAmdKUTsAAAAJO+m4Aw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
779
Date
Fri, 29 Nov 2024 23:41:47 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BNQM7NW6HE&gtm=45je4bk0v893076787z8893062484za200zb893062484&_p=1732923705859&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=181782346.1732923707&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732923706&sct=1&seg=0&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&dt=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3125
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4bk0v893062484za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rightsleeping.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 23:41:47 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&rl=&if=false&ts=1732923707084&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732923707082.641507452336507547&ler=empty&cdl=API_unavailable&it=1732923706750&coo=false&rqm=GET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4466, tp=10, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 23:41:47 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&rl=&if=false&ts=1732923707084&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732923707082.641507452336507547&ler=empty&cdl=API_unavailable&it=1732923706750&coo=false&rqm=FGET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442850649871432574"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 23:41:47 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
GRZkCuIJxQQycyEsLkD/v4L9oCioqZ09AwM5He4H120SPXxCPs1W9MmNa8qcopqGjWychzxHqeNWDO0ZAIdI0g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442850649871432574", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4834, tp=13, tpl=0, uplat=271, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
modules.86621fa4aeada5bcf025.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-58.syd62.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
811779
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UGb-SYPItWcYfxeQK5m-aedS86sgKwM_tWKc9Yo2da9z987Tni8zyw==
date
Wed, 20 Nov 2024 14:12:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
SYD62-P2
3140239
vc.hotjar.io/sessions/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3140239?s=0.25&r=0.04570844785148309
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-76.syd3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

via
1.1 eeaafdd5e22d1448912c6cf3e1e5bd58.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
l4l5jZR7uBL88fs9cMnJmjio8H0TypQwwlkqNBYQjuAINOCPOAgWzg==
date
Fri, 29 Nov 2024 23:41:47 GMT
x-amz-cf-pop
SYD3-P1
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3140239&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.190.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
18bbe827f6860b9cc2f2a1e22e5614e9cebe5d764c477bebdedb5732707701b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Fri, 29 Nov 2024 23:41:48 GMT
content-type
application/json
t.dhj
t.sharethis.com/1/k/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1732923707772
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67c7d0ef7c26648d621a413c7b914fbe5964d9760e480a95d254e6d7df4673e9
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sat, 30 Nov 2024 00:41:47 GMT
Content-Length
1384
Date
Fri, 29 Nov 2024 23:41:47 GMT
Content-Type
text/javascript
panorama.js
platform-api.sharethis.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-116.syd62.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"9a71-1934f7555b0"
age
867
via
1.1 08a9275888c86859e545bc29de28a412.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
-B0SrxZ8cL_ZRSizoNCXBl0jKSh9WMitIBjyc6wqiJRS5Jinjt247g==
date
Fri, 29 Nov 2024 23:27:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 16:01:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
map
bcp.crwdcntrl.net/6/ 		235 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.92.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-92-93.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
57fd93d48902bf2f4be6c30ed6d412e301c5fb45c72b60b3e4eb51ff7c011532

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://rightsleeping.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Fri, 29 Nov 2024 23:41:48 GMT
content-type
application/json;charset=utf-8
x-server
10.42.31.198
server
Jetty(9.4.38.v20210224)
t_.htm
t.sharethis.com/a/ Frame C689 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1601.23404&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1732923707772
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://rightsleeping.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Fri, 29 Nov 2024 23:41:47 GMT
Expires
Fri, 06 Dec 2024 23:41:47 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
logo-1-100x100.png
rightsleeping.com/wp-content/uploads/2022/08/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1-100x100.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

cache-control
max-age=31536000
etag
"65ceb8de-621"
expires
Sat, 29 Nov 2025 23:41:48 GMT
accept-ranges
bytes
content-length
1569
date
Fri, 29 Nov 2024 23:41:48 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Fri, 16 Feb 2024 01:22:38 GMT
server
nginx
x-proxy-cache-info
DT:1
panorama
sync.sharethis.com/ 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/panorama?uid=0fcec16f1b3145952c60ca79e64d185ca02c90dcd48fa548a04ed5bd2dd99183&stid=ZHiAAmdKUTsAAAAJO%2Bm4Aw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.46.87 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-46-87.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Stid
ZHiAAmdKUTsAAAAJO+m4Aw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Fri, 29 Nov 2024 23:41:48 GMT
Content-Type
image/gif
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rightsleeping.com
URL
blob:https://rightsleeping.com/9b6aa9eb-3d6e-4547-bccd-0318b997f14a

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| jQuery object| dataLayer object| gpSmoothScroll object| gpscroll function| SmoothScroll object| thirsty_global_vars object| thirstyFunctions object| generatepressMenu object| twemoji object| wp object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| clickmagick_cmc object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields boolean| clickmagick_cmc_loaded_previously function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| lotame_sync_16621 function| lotameIsCompatible function| sync16621_aa function| sync16621_c function| sync16621_f object| sync16621_h function| sync16621_ca function| sync16621_j function| sync16621_da object| sync16621_ object| sync16621_ga object| sync16621_v object| sync16621_oa object| sync16621_xa object| sync16621_ya function| sync16621_a function| sync16621_b function| sync16621_g function| sync16621_i function| sync16621_k function| sync16621_l function| sync16621_m function| sync16621_n function| sync16621_o function| sync16621_p function| sync16621_q function| sync16621_r function| sync16621_fa function| sync16621_ea function| sync16621_s function| sync16621_t function| sync16621_u function| sync16621_w function| sync16621_ha function| sync16621_ia function| sync16621_y function| sync16621_ja function| sync16621_z function| sync16621_A function| sync16621_x function| sync16621_B function| sync16621_ka function| sync16621_C function| sync16621_D function| sync16621_E function| sync16621_F function| sync16621_G function| sync16621_H function| sync16621_I function| sync16621_J function| sync16621_K function| sync16621_L function| sync16621_la function| sync16621_ma function| sync16621_na function| sync16621_M function| sync16621_N function| sync16621_pa function| sync16621_O function| sync16621_qa function| sync16621_ra function| sync16621_sa function| sync16621_P function| sync16621_ta function| sync16621_ua function| sync16621_va function| sync16621_wa function| sync16621_Q function| sync16621_R function| sync16621_za function| sync16621_S function| sync16621_T function| sync16621_U function| sync16621_V function| sync16621_Aa function| sync16621_W function| sync16621_X function| sync16621_Y function| sync16621_Z function| sync16621__ function| sync16621_0 function| sync16621_Ea function| sync16621_Ba function| sync16621_1 function| sync16621_Da function| sync16621_Ca function| sync16621_2 function| sync16621_3 function| sync16621_4 function| sync16621_5 function| sync16621_Ga function| sync16621_Ha function| sync16621_Ja function| sync16621_Fa function| sync16621_7 function| sync16621_Ia function| sync16621_La function| sync16621_Ka function| sync16621_8 function| sync16621_6 function| sync16621_9 function| sync16621_Ma function| sync16621_Na function| sync16621_Oa function| sync16621_Pa function| sync16621_$ function| sync16621_Qa function| sync16621_Ra function| sync16621_Sa function| sync16621_Ta

26 Cookies

Domain/Path Name / Value
.rightsleeping.com/ Name: _ga_BNQM7NW6HE
Value: GS1.1.1732923706.1.0.1732923706.0.0.0
.rightsleeping.com/ Name: _ga
Value: GA1.1.181782346.1732923707
.rightsleeping.com/ Name: _fbp
Value: fb.1.1732923707082.641507452336507547
.rightsleeping.com/ Name: _hjSessionUser_3140239
Value: eyJpZCI6ImRhZjRhZjUwLTc1YWYtNTJiNS1hMTdhLTlkNjk2MWMzZjdjZiIsImNyZWF0ZWQiOjE3MzI5MjM3MDc0NjYsImV4aXN0aW5nIjp0cnVlfQ==
.rightsleeping.com/ Name: _hjSession_3140239
Value: eyJpZCI6ImZhMmU4NWEyLTg1ZTUtNDJjYS1hMzRjLTljMDQ1NzcyZDU2MCIsImMiOjE3MzI5MjM3MDc0NjcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.sharethis.com/ Name: __stid
Value: ZHiAAmdKUTsAAAAJO+m4Aw==
.sharethis.com/ Name: __stidv
Value: 2
.rightsleeping.com/ Name: fpestid
Value: 6-yufa_xh3u9vLadd1btKXL8iqA5Op4TU83flCrMdSgg9LOsiR-GXHJztvYGkkqMG8dPyw
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1732923708061
.adsrvr.org/ Name: TDID
Value: d6ef5a05-4111-47a7-ad17-81a9b4b846b0
.eyeota.net/ Name: mako_uid
Value: 1937a4d530b-59b0000010d4205
.eyeota.net/ Name: SERVERID
Value: 16901~DM
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjK_sH0w7bIPRAFOAE.
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 4fbf6c05e0c6ae1db9aa91807489f673
.rightsleeping.com/ Name: _cc_id
Value: 4fbf6c05e0c6ae1db9aa91807489f673
.rightsleeping.com/ Name: panoramaId_expiry
Value: 1733528508130
.rightsleeping.com/ Name: panoramaId
Value: 0fcec16f1b3145952c60ca79e64d185ca02c90dcd48fa548a04ed5bd2dd99183
.rightsleeping.com/ Name: panoramaIdType
Value: panoDevice
.ml314.com/ Name: pi
Value: 3648778006386704394
.yahoo.com/ Name: A3
Value: d=AQABBDxRSmcCEDCc3Z8OETgZ7qneDVqami0FEgEBAQGiS2dUZw3-xiMA_eMAAA&S=AQAAAgPVWgwaLdwwybYLNWauc6U
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b8~2m3z
.rlcdn.com/ Name: rlas3
Value: 4cxfWF+CyUesZpFiqzz4rfXpcrAcBEQxh7KC3S3KwhU=
.rlcdn.com/ Name: pxrc
Value: CLyiqboGEgUI6AcQABIFCNtOEAA=
.exelator.com/ Name: EE
Value: "2cb1aeb8d62771f2d12c2690c3df3f03"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEoOckwMTXJIsXMyNzcMM0oxdAo2cjM0iDZOCXNOM3AeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IsfQxUUpaQyLSopPBZ%252Fcqw4Asdgqbg%253D%253D"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.clkmc.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
rightsleeping.com
script.hotjar.com
static.hotjar.com
sync.sharethis.com
t.sharethis.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
rightsleeping.com
108.128.190.134
108.158.20.116
108.158.32.82
13.56.46.87
142.250.198.3
157.240.8.23
157.240.8.35
18.65.244.76
18.67.110.58
23.40.52.19
2404:6800:4004:813::2008
2404:6800:4006:80a::200e
2404:6800:4006:80b::200a
2600:9000:277c:5e00:c:abe:f440:93a1
2606:4700:10::ac43:14b1
34.174.103.16
52.76.92.93
52.8.103.62
16d59e4b565f28a3b75317b289240e806bc65a2f7f201a8b680e559ff077f806
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0
18bbe827f6860b9cc2f2a1e22e5614e9cebe5d764c477bebdedb5732707701b9
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24
1dbcb2a71a488ca32a43d4fac2fb658fcccf4b1db204a18476af79c0f79e78ec
1dfe67d92d42783cbe648b93261eeecd83fce7f8eaa8228a86984be439efb379
1f2965b76922e51b48a5682acd6bb749889c7eab0c5d802e39e786777faf22cf
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4eaf4d34191ffe1ddbc27b6bf8dffbbc6d813db2a19fc8269b4b7a1c494a27c4
525c58020ee6c8c1d08f5392b4021faabb00c4e36f3570795b96a6cbf85635fd
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
57fd93d48902bf2f4be6c30ed6d412e301c5fb45c72b60b3e4eb51ff7c011532
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
5cd39f6c631f1c8a143c274efeb97d4584034f4566b164d919bb024943351ae0
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
67c7d0ef7c26648d621a413c7b914fbe5964d9760e480a95d254e6d7df4673e9
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
99cd643907dc8e8fec0290f21b770f5262ea89ef56bffd1ce74ed548567fa716
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
c4d5c0f1821f844cd5387a7ef6af33ffcf528d80fc2f7e36329d4259be84bd43
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de32121808b4c71fb8ee5e8aae85d0020cba63d055c73f61acc1438ddb689f84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e861d200038e880398b15b3ad25504157f3696bd4e6b117b2a2cba6a078cbbd5
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227
fb61c5b6f9e9a4087b8112d2ea51c654f1368f2d83a3c9fd2b4760f5a2304806
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
fee6f31d9b17216938a66f16155cde2e48069dec78476d41376a52f506d4f6a8